User Agreement
Last updated: January 9,2025
Effective as of October 22nd, 2020
Important Note:
Before using the features and services of Homestyler Platform (“Homestyler Platform”) provided by Homestyler Co., Ltd and its affiliates (collectively “we”, “us” or “Homestyler Group”), please carefully read and fully understand this User Agreement (“Agreement”), especially the terms of exemption or restriction of the responsibility of Homestyler Group, the terms of exclusion or restriction of user rights, and the terms of jurisdiction, etc. These terms are usually capitalized to remind you
If you have any concerns about the terms of this Agreement, please send emails to Homestyler Group support team via “homestyler-support@service.alibaba.com”. If you disagree with any of the following terms in this Agreement, please stop using Homestyler Platform, as your using will be deemed as approval and full acceptance of the entire content in this Agreement.
In order to comply with relevant laws and regulations on personal information and data security, we will sign the "Data Processing Agreement" (Annex A) with you simultaneously with this agreement, and will inform you in detail of the technical and organizational measures we have taken to protect your personal information and information security (Annex B).
1. Application and Acceptance of this Agreement
1.1 This Agreement is an agreement signed by and between users (or “you”) and Homestyler (Shanghai) Techonology Co. Ltd ,regarding the use of Homestyler Platform related services and has a contractual effect.
1.2 When you use a specific service of Homestyler Platform, the service may have separate agreements and related business rules. The above contents will be published and demonstrated in various forms such as website announcements, notifications, messages, e-mails and help center documents. Once officially released, such separate agreements and related business rules shall be considered as an integral part of this Agreement and you shall abide by it. Your acceptance of any of the aforementioned business rules and separate agreements is deemed to be your full acceptance of this Agreement. If all or part of the terms of the relevant separate agreements or related business rules are or is held invalid, the validity of separate agreements, related business rules or their terms shall not be affected thereby.
1.3 After you sign this Agreement, the content may be modified due to changes arising from national policies, products and the environment in which this Agreement is implemented. The revised agreement will be posted on this website. If you disagree with the revised agreement, please stop signing in or using Homestyler Platform immediately. If you log in or continue to use Homestyler Platform, you will be deemed to have approved the revised agreement.
1.4 You may enter into orders with Homestyler Platform, whether online or offline. If there is any conflict or inconsistency between this Agreement and the orders, the orders shall take precedence over this Agreement.
1.5 If Homestyler Group has posted or provided a translation of this Agreement, you agree that the translation is provided for convenience only and that this English version will govern your access to and use of Homestyler Platform.
2. Service We Provide
2.1 Homestyler Platform provides you with services such as online design tool applications, online home design transaction information release, transaction services, rendering services, and online design training. The specific details are subject to the services provided by Homestyler Group by then.
3. Who May Use the Services
3.1 You may use Homestyler Platform only if you agree to form this Agreement with us and are not a person barred from receiving services under the laws of the applicable jurisdiction. In any case, you must reach the age of majority under applicable jurisdiction.
3.2 If you are accepting this Agreement and using Homestyler Platform on behalf of a company, organization, government, or other legal entity, you represent and warrant that you are authorized to do so and have the authority to bind such entity to this Agreement, in which case the words “you” and “your” as used in this Agreement shall refer to such entity.
4. Your Privacy
4.1 Your privacy is of great importance to us. Please read the
Homestyler Privacy Policy ("Privacy Policy") as it describes the types of personal data we collect from you and your devices, how we use your personal data, and the legal basis we have to process your personal data. In some cases, we will provide separate notices and request your consent.
5. Your Account
5.1 You can sign in to Homestyler Platform through Homestyler user account and third-party website account, including Facebook, Google, Twitter, or you can enjoy limited services such as browsing and information review as an anonymous user.
5.2 You can create a Homestyler user account by signing up online. You are responsible for all activities that occur under your Homestyler user account. Please notice that registering a Homestyler user account does not mean that you can use all the services provided by Homestyler Platform.
5.3 You reserve the right to terminate your Homestyler user account. When you decide not to use your Homestyler user account, you shall first confirm that there are no unexpired tasks under your Homestyler user account. At the same time, you may withdraw all available funds (if any) from your Homestyler user account or issue other legal payment orders, and apply to cancel your Homestyler user account to Homestyler Group after paying off all the service fees. After the manual approval of Homestyler Group, your user account will be officially canceled.
5.4 If your Homestyler user account is closed (whether by you or us), a few things will happen. First, your right to use the Homestyler user account will stop immediately. Second, we will delete all the data associated with your Homestyler user account or will otherwise disassociate it from you and your Homestyler user account, unless we are required by applicable laws to keep it, return it, or transfer it to you or a third party identified by you.
6. Account Security & Management
6.1 Please carefully keep your Homestyler user account information, including the account number, password, verification code and other information. Your Homestyler user account can only be used by you and is prohibited from being transferred, traded, donated, rented or borrowed. If Homestyler Group finds that your Homestyler user account has been transferred, traded, donated, rented or borrowed, we reserve the right to ban your account without any notification and not to bear the legal responsibility to you. The resulting losses, including but not limited to service interruption and the clearance of user data and content are borne by you.
6.2 In order to protect the transaction security, Homestyler Platform may require you to complete the real-name authentication and provide more identity materials and information for further identity authentication or qualification verification when you need to activate some features and services of Homestyler Platform. You must provide the true, latest, valid and complete information at the request of Homestyler Platform.
6.3 You agree to notify Homestyler Group immediately of any unauthorized use of your Homestyler user account or any other breach of account security. Homestyler Group will not be liable for any loss that you may incur as a result of someone else using your password or account, either with or without your awareness.
7. Service Fee
7.1 Some services of Homestyler Platform will charge certain service fees. For details, please refer to the business rules, notifications involved in the specific service. Homestyler Group may modify and change the charging standards and methods of the paid service according to actual needs, and may also charge for some free services. Before the above modification, alteration or start of charging, Homestyler Group will publish a notice or announcement on the corresponding service page.
8. Code of Conduct
8.1 You undertake not to use Homestyler Platform for any illegal purpose or in any illegal way, undertake to comply with all applicable laws, and comply with all separate agreements, rules and guides related to Homestyler Platform.
8.2 You agree and warrant that Homestyler Platform may not be used to facilitate or assist the following acts, nor may it be produced, uploaded, stored, distributed or disseminated in connection with the following acts:
(1) Spreading obscenity, pornography, gambling, violence, murder, terrorism, or abetting crimes;
(2) Insulting, slandering others, or infringing on the lawful rights and interests of others.
8.3 You agree and warrant that the use of Homestyler Platform is subject to this Agreement and related business rules and controls, and may not be used to engage in, including but not limited to the following acts, or to facilitate the following acts:
(1) Providing information for real-name authentication without authenticity, completeness or accuracy;
(2) Transferring, selling, renting, lending or sharing your Homestyler user account with others;
(3) Conducting any damage or attempt to damage the security of the network, including but not limited to viruses, trojans, malicious code, phishing, malicious scanning, illegal intrusion, unauthorized access, etc.;
(4) Conducting any change or attempt to change the system configuration provided by Homestyler Platform or to compromise the security of Homestyler Platform;
(5) Deleting all copyright information of Homestyler Platform, conducting reverse engineering, reverse compiling, reverse compiling of Homestyler Platform, or trying to find the software source code of Homestyler Platform in other ways;
(6) Copying, changing, modifying, linking to Homestyler Platform commercially, or creating any derivative works or products, or using plug-ins, plug-ins or unauthorized tools to access, interfere with, or affect Homestyler Platform;
(7) Accessing or trying to access our Homestyler Platform through web crawlers or other automatic methods, or violate robots.txt or similar files in Homestyler Platform;
(8) Using, leasing, lending, copying, modifying, linking, reprinting, compiling, publishing, or establishing mirror sites of data related to Homestyler Platform commercially;
(9) Conducting any operation done out of malice, or which may damage any rating or comment on Homestyler Platform, and any act that may affect the integrity or accuracy of Homestyler Platform;
(10) Using technology or other methods to destroy and disrupt the operation of Homestyler Platform and the use of Homestyler Platform by other users;
(11) Circumventing any restrictions on access to or availability of Homestyler Platform;
(12) Infringing upon the rights of others or engage in activities that violate the privacy or data protection rights of others;
(13) Helping others break these rules.
8.4 If Homestyler Group finds that your behavior violates applicable laws or this Agreement by its own or according to the information collected by other entities or individuals, Homestyler Group may take one or more of the following measures based on its independent judgment:
(1) Requiring you to replacing and modifying the contents relating to Article 8.2 immediately;
(2) Deleting and blocking related contents relating to Article 8.2 or disconnect links of these contents directly;
(3) Restricting and suspending your use of Homestyler Group, including but not limited to the direct downline of some of the services of Homestyler Platform and restrictions on your operation of Homestyler Platform, etc.;
(4) Terminating of your use of Homestyler Platform, including but not limited to the downline of all the services of Homestyler Platform and the cancellation of your Homestyler user accounts, etc.
8.5 When Homestyler Group take measures under Article 8.4, Homestyler Group will provide you with a complaint channel, which will be notified by email, message, SMS or your phone.
8.6 If you violate applicable laws or terms of this Agreement in the process of using Homestyler Platform, resulting in the loss of Homestyler Group, other users or any third party, you shall bear all the responsibilities, and Homestyler Group shall not bear any responsibility for this.
L. Language
If there is any conflict between the English version and another language version of this User Agreement, the English version shall prevail.
9. Service Suspension & Interruption
9.1 In view of the particularity of the network service, Homestyler may adjust or terminate some or all of the services of Homestyler Platform at any time with justified reasons. However, Homestyler Group will inform you as soon as possible so that you can make backups of your data and business adjustments to protect your legal rights. If the changed, discontinued or terminated network service is our free product, Homestyler Group does not need to notify the user or assume any responsibility to any user or any third party. These justifications include the following:
(1) Regular maintenance, such as examination, maintenance, and upgrade of Homestyler Platform or related equipment on a regular or irregular basis for the provision of more complete services to users;
(2) Force majeure, including but not limited to natural disasters, government actions, policy adjustments, laws and regulations’ adjustments, strikes and unrest or infectious diseases;
(3) Basic operation fault, including but not limited to the technical adjustment of the telecommunications sector, the destruction of the telecommunications/power line by others, and the installation, modification and maintenance of telecommunications network/power resources by any third party;
(4) Network security incidents, such as computer viruses, trojans or other malicious programs and hacking attacks;
(5) The improper operations or the failures of your computer software, systems, hardware and communication lines;
(6) The non-authorized use of Homestyler Platform by users;
(7) Other situations that are not caused by Homestyler Group, or can not be controlled or reasonably foreseen by Homestyler Group.
10. Service Termination
10.1 If this Agreement or the services of Homestyler Platform is terminated for any reason (including but not limited to force majeure, user arrears, user violations, etc.), for all data in your Homestyler user account or any data stored in Homestyler Group’s servers due to the use of Homestyler Platform will be kept as long as your account exists. You shall complete the migration and backup of all data in a timely manner. After the expiration of the retention period, Homestyler Group will automatically delete all your data.
10.2 You understand and agree that the suspension, interruption or termination of the services of Homestyler Platform and/or Homestyler user accounts does not represent a termination of your responsibility and you shall still be liable for possible breach of contract or damages during the use of Homestyler Platform.
11. Limitation Liability
11.1 In any case, the responsibility for the use of the related services provided by the third party in the process of using Homestyler Platform by the user shall be borne by the third party, and Homestyler Group shall not be responsible for such responsibility.
11.2 Homestyler Group does not provide any warranty or condition, express, implied or statutory, to any user and/or any transaction. Before making a trading decision, you shall fully understand the relevant transactions, make careful decisions based on your own trading objectives, risk tolerance and asset status, and bear all risks at your own risk.
11.3 Your access to and use of Homestyler Platform are at your own risk. You understand and agree that the services of Homestyler Platform are provided to you on an“AS IS” and“AS AVAILABLE” basis. Without limiting the foregoing, to the maximum extent permitted under applicable law, HOMESTYLER GROUP DISCLAIM ALL WARRANTIES AND CONDITIONS, WHETHER EXPRESS OR IMPLIED, OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT . Homestyler Group makes no warranty or representation and disclaim all responsibility and liability for: (1) the completeness, accuracy, availability, timeliness, security or reliability of Homestyler Platform; (2) any harm to your computer system, loss of data, or other harm that results from your access to or use of Homestyler Platform; (3) the deletion of, or the failure to store or to transmit, any content and other data maintained by Homestyler Platform; and (4) whether Homestyler Platform will meet your requirements or be available on an uninterrupted, secure, or error-free basis. No advice or information, whether oral or written, obtained from Homestyler Platform or through the services of Homestyler Platform, will create any warranty or representation not expressly made herein.
11.4 TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, HOMESTYLER GROUP SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL OR PUNITIVE DAMAGES, OR ANY LOSS OF PROFITS OR REVENUES, WHETHER INCURRED DIRECTLY OR INDIRECTLY, OR ANY LOSS OF DATA, USE, GOODWILL, OR OTHER INTANGIBLE LOSSES, RESULTING FROM (1) YOUR ACCESS TO OR USE OF OR INABILITY TO ACCESS OR USE HOMESTYLER PLATFORM; (2) ANY CONDUCT OR CONTENT OF ANY THIRD PARTY ON HOMESTYLER PLATFORM, INCLUDING WITHOUT LIMITATION, ANY DEFAMATORY, OFFENSIVE OR ILLEGAL CONDUCT OF OTHER USERS OR THIRD PARTIES; (3) ANY CONTENT OBTAINED FROM HOMESTYLER PLATFORM; OR (4) UNAUTHORIZED ACCESS, USE OR ALTERATION OF YOUR TRANSMISSIONS OR CONTENT. IN NO EVENT SHALL THE AGGREGATE LIABILITY OF HOMESTYLER GROUP EXCEED THE GREATER OF ONE HUNDRED U.S. DOLLARS (U.S. $100.00) OR THE AMOUNT YOU PAID, IF ANY, IN THE PAST SIX MONTHS FOR THE SERVICES GIVING RISE TO THE CLAIM. THE LIMITATIONS OF THIS SUBSECTION SHALL APPLY TO ANY THEORY OF LIABILITY, WHETHER BASED ON WARRANTY, CONTRACT, STATUTE, TORT (INCLUDING NEGLIGENCE) OR OTHERWISE, AND WHETHER OR NOT HOMESTYLER GROUP HAS BEEN INFORMED OF THE POSSIBILITY OF ANY SUCH DAMAGE, AND EVEN IF A REMEDY SET FORTH HEREIN IS FOUND TO HAVE FAILED OF ITS ESSENTIAL PURPOSE.
12. Intellectual Property
12.1 Homestyler Group gives you a personal, royalty-free, non-assignable and non-exclusive license to use Homestyler Platform. This license has the sole purpose of enabling you to use and enjoy the benefit of the services of Homestyler Platform as provided by Homestyler Group, in the manner permitted by this Agreement.
12.2 The intellectual property rights, including but not limited to trademark rights, patents, copyrights and trade secrets of all contents on Homestyler Platform, including but not limited to projects, images, files, information, documentations, platform architecture, platform screen arrangement and web design belong to Homestyler Group or other right holders. Without the specific written agreement of Homestyler Group or other right holders, no one shall use, modify, reproduce, publicly display, alter, distribute or publicly publish programs or contents of Homestyler Platform. Without the specific written agreement of Homestyler Group, no one shall reproduce, copy, forge, sell, resell or access Homestyler Group or any part thereof for any commercial purposes.
13. Legal Application & Dispute Resolution
13.1 This Agreement shall be governed by and construed in accordance with the laws of the People’s Republic of China. All disputes in connection with this Agreement or the execution thereof shall be settled through friendly negation. In case, no settlement can be reached through consultation, you agree to refer the dispute to arbitration by the Hong Kong International Arbitration Center (“HKIAC”) pursuant to the HKIAC’s arbitration rules effective at the time of application. The seat of arbitration shall be Hong Kong. The arbitral award shall be final and binding on the parties.
Annex A
Data Processing Agreement
Preamble
Homestyler provides Users with Homestyler® application and in this context provides services based on an Agreement concluded between the parties consisting of the order form and the Terms and Conditions (hereinafter referred to as “Main Agreement”). As part of this service provision, it is necessary, or at least it cannot be excluded, that Homestyler will handle personal data for which User acts as the responsible body within the meaning of the data protection provisions (hereinafter referred to as “Order Data”). This Agreement specifies the data protection rights and obligations of the contracting parties in connection with Homestyler’s handling of Oder Data for the performance of the Main Agreement.
Clause 1. Scope, subject-matter and duration of the processing
1.This data processing agreement applies to all activities related to the main agreement, as well as activities in which Homestyler employees can process personal rights related data within the scope of entrusted processing. If User uses Homestyler® as a natural person in purely personal or family activities The data processing protocol is not applicable for the application.
2.In providing Homestyler® application and the services defined in the Main Agreement, Homestyler can assist Users in processing personal data; The detailed content of this agreement is listed in the main agreement. Processing for providing Homestyler® Personal data of services defined in the application and main protocol.
3.Duration of processing: The duration of the processing is determined by the term of the Main Agreement.
4.The following data types and categories require processing of personal data:
(1) Provide Homestyler® Personal data (user profile) required for application and communication establishment: Access registered user data such as name and email address.
(2) Users are using Homestyler® The online operation of the application collects and processes personal data, such as model data uploaded by users, case data, and rendered images, videos, and related products.
(3) The categories of data subjects affected by processing include Users (if the application is used by individuals), Users' employees or other authorized users, authorized users' communication partners, and communication objects.
Clause 2. Responsibility for data processing
Within the framework of this agreement, the User is fully responsible for ensuring the legality of personal data. Homestyler should only process personal data on behalf of Users at their instruction.
Clause 3. Offerings Not Designed for Sensitive Personal Data
The data storage functionality associated with Offerings is NOT suitable for the storage of Social Security numbers, credit or debit card numbers, financial account numbers, driver’s license numbers, medical information, or health insurance information; data about personal characteristics or other personal data, such as race or ethnic origin, religion or philosophical beliefs, political affiliation or opinions, genetic or biometric data, sexual orientation, or trade union membership; or other information that may expose, or pose a risk of harm to, an individual if improperly disclosed or used (collectively, “Sensitive Personal Data”). Except as expressly required by Homestyler (for example, a credit card number used to purchase a subscription), You will not upload or otherwise make available to Homestyler any Sensitive Personal Data, including any files containing Sensitive Personal Data, in connection with Your use of any Offering.
Clause 4. Collaboration and Sharing of Your Content
Some Offerings permit You to collaborate with others, including sharing or publishing Your Content. If You choose to share or publish Your Content, others may be able to use, sell, reproduce, modify, distribute, make available, display, transmit and communicate Your Content, and suspending or terminating access will not delete or inhibit access to any of Your Content that was earlier shared or published. If You do not want others to have any such access or any of those rights, do not use the sharing, publishing, or other collaboration features of the Offerings and set Your permissions accordingly.
An Offering may feature links to Third-Party Material/Services. Such links are provided as a convenience to You. Homestyler does not monitor or control what such third parties will do with Your Content. You are responsible for ensuring the appropriate level of access to Your Content by any third party. If You authorize any of Your Content to be shared with any third party, Homestyler may make Your Content available to such third party; Homestyler will, however, have no responsibility or liability for the actions of such third party.
Clause 5. Technical and organisational measures
Homestyler is obligated to comply with legal data protection regulations. For specific TOMS to protect data security, please refer to Annex B attached below.
Clause 6. Obligations of Homestyler
Homestyler should only correct or delete user related asset data based on User instructions, or restrict the processing of such data.
Homestyler shall not copy user asset data without the prior consent of User. Unless they are necessary to ensure proper processing of data and proper execution of services.
Homestyler should support Users in conducting regulatory inspections within a reasonable and necessary scope, as long as these inspections are related to Homestyler's data processing. Homestyle may request reimbursement of the provable expenses and costs incurred by these support services (pure expense reimbursement).
Homestyler shall require personnel employed to process User data to maintain confidentiality in accordance with Articles 28 [3] [2], 29, and 32 [4] of the General Data Protection Regulation.
Homestyler should notify Users without delay of any interference or violation of data protection regulations, as well as any suspected violation of data protection or misconduct by employees when processing personal data. This applies particularly to any notification obligations of Users under Articles 33 and 34 of GDPR. Homestyler ensures that, if necessary, appropriate support will be provided to Users to fulfill their obligations under Articles 33 and 34 of GDPR (GDPR Articles 28 [3] [2] [f]). Homestyler can only issue notifications to Users in accordance with Article 33 or Article 34 of GDPR upon their prior instructions.
Clause 7. Obligations of User
The User is fully responsible for evaluating the acceptability of the commissioned data processing and protecting the rights of the relevant data subjects.
If User discovers any errors or violations in the data protection terms when checking their personal rights, they should immediately notify Homestyler in full.
User is responsible for the notification obligations stipulated in Articles 33 and 34 of GDPR.
Clause 8. User authority to issue instructions
Homestyler shall only process User data in accordance with User's instructions specifically expressed in the terms of this agreement and the provisions of the main agreement, unless the behavior is subject to legal constraints; In this case, Homestyler shall notify the User of these legal requirements, unless the relevant laws prohibit such notification on the grounds of significant public interest. Users may modify, revise, or replace individual instructions in written or textual form. Users have the right to issue instructions at any time. If it is necessary to issue instructions due to a violation of data protection regulations or the provisions for which Homestyler is responsible in this contract, there is no obligation to pay remuneration.
Users should immediately confirm verbal instructions in writing or text form (such as email).
If Homestyler believes that any instructions given by User violate legal provisions (Article 28 [3] [3] of GDPR), Homestyler shall immediately notify User. Hommestyler has the right to suspend the execution of corresponding instructions until confirmed or modified by User's responsible person.
Clause 9. Obligation of assistance
If, by virtue of applicable data protection laws, User is obliged vis-à-vis an individual to provide information or particulars on the processing of this person’s data or to guarantee the rights of data subjects in accordance with GDPR, Homestyler shall assist User in the fulfilment of these obligations with suitable technical and organisational measures in accordance with GDPR.
The demonstrable costs incurred (pure reimbursement of expenses) for providing the assistance according to paragraphs 1 , shall be reimbursed by User, unless the assistance is connected with a violation of data protection provisions or stipulations in this Agreement for which Homestyler is responsible.
Clause 10. Final provisions
Insofar as no special provisions are contained in this Agreement, the provisions of the Main Agreement apply. In case of contradictions between this Agreement and provisions from other contractual agreements, in particular from the Main Agreement, the provisions from this Agreement take precedence.
Any changes and supplements to this agreement and all its components, including any warranties provided by Homestyler or changes to attachments, require a written agreement that clearly states that this is a change or supplement to these terms. This also applies to exempting this form requirement.
Exclusive place of jurisdiction for all disputes arising from this Agreement follows the provisions of the main agreement.
Annex B
Technical and Organizational Measures (TOMs)
The technical and organizational measures (TOMs) provided below apply to all standard service offerings.
Provided by Homestyler Security except where User is responsible for security and privacy TOMs. Evidence of the measures implemented and maintained by Homestyler Security may be presented in the form of up-to-date attestations, reports or extracts from independent bodies upon request from the User.
I. Controls and Validation
1.User Access Management
The objective of user control is to prevent data processing systems from being used by unauthorised persons. Homestyler provides a resource access management platform, which includes an access control system based on RBAC,a data permission application and approval system, and an audit and review system. Data access control must ensure that authorised users of a data processing system can access data exclusively referring to their access rights and that data cannot be read, copied, modified or removed unauthorised during processing, use and after storage.
(1) Identification and authentication of users/password protection
(2) Automated verification of authorisations
(3) Introduction of access-restrictive measures (e.g. read-only authorisation)
(4) Time limitation of access options
(5) Use of encryption procedures
2.Separability
It must be ensured that data collected for different purposes can be processed separately.
Separation of testing and production systems
(1) User separation—logical separation of the data (e.g. different file directories)
(2) Use of different types of encryption
3.Input control
The possibility to subsequently verify and determine whether, and by whom, personal data was entered into, changed or removed from data processing systems must be ensured.
(1) Definition of entry authorisation
(2) Logging of logins
II.Authentication
Homestyler maintains policies and standards for accounts and passwords to protect user information. Industry-standard cryptographically strong hashing algorithms are implemented prior to storing user passwords or credentials,like salted hashing algorithm etc.All data design follows the regulatory foundation of GDPR: Privacy by design.
Homestyler provides Multi-Factor Authentication (MFA) for accessing sensitive information, for example, a password as the first verification factor and an email verification code or a phone verification as the second. Through STS (security token service), the system can issue temporary access credentials for a limited period of time.
III.Monitoring and Auditing
Homestyler utilizes real-time monitoring tools to detect unauthorized access attempts and provides offline audits through a big data platform.
IV.Security Incidents
Homestyler will maintain an incident response plan and follow documented incident response policies including data breach notification to Data Controller without undue delay where a breach is known or reasonably suspected to affect User Personal Data.
V.Risk Management
Homestyler will assess risks related to processing of Personal Data and create an action plan to mitigate identified risks.
VI.Security Policies
Homestyler will maintain and follow IT security policies and practices that are integral to Homestyler’s business and mandatory for all Homestyler employees, including supplemental personnel. IT security policies will be reviewed periodically and amend such policies as Homestyler deems reasonable to maintain protection of services and Content processed therein.
Homestyler employees will complete security and privacy education annually and certify each year that they will comply with Homestyler's ethical business conduct, confidentiality, and security policies, as set out in Homestyler's Business Conduct Guidelines. Additional policy and process training will be provided to persons granted administrative access to security components that is specific to their role within Homestyler’s operation and support of the service, and as required to maintain compliance and certifications.
VII.Threat and Vulnerability Management
Homestyler will maintain measures meant to identify, manage, mitigate and/or remediate vulnerabilities within Homestyler desigining environments.
Security measures include:
(1) Patch management
(2) Anti-virus / anti-malware
(3) Threat notification advisories
(4) Vulnerability scanning (all internal systems) and periodic penetration testing (Internet facing systems) within remediation of identified vulnerabilities
VIII.Security Program
Security Program. Homestyler will maintain a security program that establishes processes and safeguards designed to maintain security at an appropriate level.
Industry Standards. Homestyler’s security program is designed based on relevant industry standards, presently including but not limited to ISO 27001, ISO 27017, ISO 27018, and CIS Benchmarks.
Information Security Policy. Homestyler will maintain a written, enterprise-wide Information Security Policy designed to protect the confidentiality, integrity, and availability of User data. The Information Security Policy establishes written standards and guidelines regarding information security in Homestyler’s operations and the conduct of its personnel, including those relating to acceptable use, access control, authentication, device security, security monitoring, supplier security management, and incident management, among others.
Ⅸ.Data Production
Homestyler uses cloud security products to protect data (e.g., DDoS protection, WAF, cloud firewall), encrypts data during transmission (e.g., via HTTPS), and uses HMAC as a signature algorithm for anti-tampering. Security frameworks are also provided to ensure safety during processing (e.g., a logging framework with desensitization supporting masking, filtering, hashing, encryption). Industry-standard hashing or encryption algorithms are used for sensitive data storage, and different policies for data backup and restoration are provided for different categories of data.
Homestyler will not:
(a) retain, use, or disclose Personal Data except as necessary to provide the Services or as otherwise required by law;
(b) "sell” or “share” Personal Data
(c) retain, use, or disclose Personal Data outside of the direct business relationship between You and Homestyler;
Homestyler will notify You if Homestyler determines it can no longer meet its obligations to protect your Personal Data.
You may, upon reasonable notice to Homestyler, take reasonable and appropriate steps to stop and remediate unauthorized use of Personal Data related to Homestyler’s processing of the Personal Data.