We also provide a Simplified Chinese version of this document.
This paper is based on the EU General Data Protection Regulation and its related policy documents, where the principle of data sharing exemptions is intended to safeguard the interests of other users or society as a whole, as well as order.
Generally, when we carry out data processing, your personal data will only be processed by automated processes, i.e. no organization or individual will have access to any of your data while it is being processed, and this article sets out when we may process or transfer your personal data without notifying you.
We take the privacy of our users very seriously, but as a legitimate operator, we also recognize that in some cases, law enforcement can legally and compliantly request data necessary to ensure the safety of our users and us and to prevent misuse of the technology, and we try to find the best possible balance between legality and privacy.
Amount of data disclosed
As of today, the total amount of each data we have disclosed to law enforcement agencies is zero.
Transparency reports
We publish transparency reports each quarter (or not if there are no data requests for that quarter) that contain the total number of data requests, denials, and eventual disclosures from law enforcement in each region.
Even if the relevant data request is accompanied by a confidentiality order, we will add it to the total number of data requests, with the difference that data requests accompanied by a confidentiality order may be delayed in disclosure to the relevant data subject.
Strict scrutiny of the identity of the requester
We do not accept data requests from individuals.
Our Compliance Department only accepts data requests from certified law enforcement agencies in connection with criminal cases. Each request is subject to rigorous review by the Compliance Department and will be disclosed to the relevant data subject after the fact. Depending on the type of data requested, we require a written search warrant or court subpoena from the requesting party.
For non-content data (referred to in the law as non-content data)
Required: Summons or local document of the same legal nature.
For content data (referred to in the law as content data)
Required: Search warrant, court order or local document of the same legal nature.
In addition, we clearly delineate the boundaries of data provision to governments in strict compliance with relevant national laws and international human rights standards. We also challenge requests when there is a legitimate basis for doing so, to ensure that the rights of data subjects are safeguarded.
Transparency policy
For general data requests, we will send a data disclosure notice to the data subject. (If the data request is accompanied by a confidentiality order, the disclosure notice may be delayed.)
Strict control over the scope of data disclosure
When disclosing data, we follow the principle of data minimization and, as far as possible, provide only the necessary information.