Privacy Policy

Last update:
September 12, 2024

This Privacy policy (“Privacy Policy”), together with our Terms of Service, sets out the basis on which any Personal Information we collect from you (“you,” “your,” or “client”) or that you provide to us, will be processed by us. By “Personal Information,” we mean any information that, either alone or in combination with other data, enables you to be directly or indirectly identified, for example, your name, email address, username, contact details, or any unique identifier such as an IP address, device ID or another online identifier.

Please read the following carefully to understand what data we collect, how it is used, and how to share it. If you do not wish for your Personal Information to be used in the ways described within this Privacy Policy, then you should not access or use the website, services, functions, or features offered from time to time on the Services.

Certain subsidiaries may use different privacy policies to notify you about how your Personal Information is used and disclosed in your use of particular services or relationship to that subsidiary. To the extent that our subsidiaries post or reference different privacy policies, the privacy policy posted by each subsidiary, not this Privacy Policy, will apply to your Personal Information collected in the context of those services or by that subsidiary.

How we collect and use your Personal Information

“Personal Information” is information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with you or your household, such as your name, email address, IP address, telephone number, and broader categories of information such as your professional information and internet activity

We may collect Personal Information

Directly from you: such as any information about you that you give us by registering for a Capstone Limited account or corresponding with us by phone, e-mail, or otherwise. The information may include but is not limited to your name, address, telephone number, credit card information, certain financial information, email address, transaction history, and payment records.
Automatically, through our use of cookies and other data collection technologies on our website
From publicly available sources such as company websites, blogs, news articles, press releases, corporate records or reports, and
From other third-party sources, such as social media platforms, background check providers, data brokers, and third parties to whom you direct us to collect your Personal Information. We will treat Personal Information collected from third-party sources in accordance with this Privacy Policy. Still, we are not responsible or liable for the accuracy of the information provided by third parties or for third-party policies or practices.

Purposes for which we collect your Personal Information
We generally use your Personal Information for the following purposes

to properly identify you;
to deliver products and services to you;
to understand your needs and your eligibility for products and services;
to establish and maintain a responsible commercial relationship with you;
to develop, enhance, and market products and services and provide products and services to you;
to process billing and collection of any fees;
to conduct surveys and get feedback from you. You may opt-out of receiving certain promotional e-mail messages from us as described in the “Opt-out” section below;
to meet our legal and regulatory requirements;
to process your inquiries or respond to questions, comments, or concerns regarding Capstone Limited;
to recruit for positions at Capstone Limited;

It is important that the Personal Information we hold about you is accurate and current. Please keep us informed if your Personal Information changes during your relationship.

How we Disclose your Personal Information
We may share your Personal Information in the following circumstances:

Service Providers

We may share your Personal Information with companies or individuals that we contract with in order to receive services (our “Service Providers”). These services may include, among other things, providing products or services to you on our behalf, creating or maintaining our databases, payment processing, researching and analyzing the people who request information from us, preparing distribution communications, or responding to inquiries. We do not allow our Service Providers to use or disclose your Personal Information for any purpose other than providing services to us.

Affiliates and Subsidiaries

We may share your Personal Information with companies that we own or control, or that own or control us, or that are under common ownership or control.

Third Parties

We may share your Personal Information with companies or individuals outside of CLTS who may use your Personal Information for their own purposes (a “Third Party”). For example:

From time to time, we may be required to provide Personal Information to a Third Party in response to a court order, subpoena, government investigation, or as otherwise required by law.
We may share your Personal Information with Third Parties, such as law enforcement agencies, when we, in good faith, believe: (i) you or others are acting unlawfully, (ii) when we believe it is necessary or appropriate to satisfy any law, regulation or other governmental request, (iii) to operate our business and Sites properly, or (iv) to protect or defend our rights or the rights or well-being of our users, even without a subpoena, warrant or court order.

A Reorganization Event

We may, as a result of a sale, merger, consolidation, change in control, transfer of assets, reorganization or liquidation of our company (a “Reorganization Event”), transfer, sell or assign your Personal Information to parties involved in the Reorganization Event. You acknowledge that such transfers may occur and are permitted by and subject to this Privacy Policy.

Security and Confidentiality

Capstone Limited is committed to protecting your privacy. Internally, only people with a business need to know Personal Information or whose duties reasonably require access to it are granted access to clients ’Personal Information. Such individuals will only process your Personal Information on our instructions and are subject to a duty of confidentiality.

Cookies Data and Other Technologies:

We use cookies and similar tracking technologies, such as web beacons and pixels, to track activity on our Services and hold certain information. Cookies are files with a small amount of data that may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. If you choose to restrict cookies, some functionality and features of our website may be unavailable.

Examples of Cookies we use

Necessary cookies - these are used for technical reasons and are necessary to enable the Services to operate efficiently so that you can easily navigate the Services and use specific features. These include, for example, cookies that help us to debug any errors. If these cookies are blocked or disabled, some of the Services may not operate effectively.
Preference cookies - these are used to improve the functionality of the Services and make it easier to use. They help us to identify you as a repeat user of the Services and help us remember your preferences (for example, your choice of language or region).
Analytical - These record your visit to our Services, the pages you visited, and the links you followed. We will use this information to make the Services and the advertising displayed (if any) more relevant to your interests. We may also share this information with third parties for this purpose.

Marketing Opt-Out

You may unsubscribe from receiving promotional emails from us by following the instructions in those email communications or emailing us at support@capstone.cn.com. Please note that even if you opt out of receiving promotional communications from us, we may continue to send you non-promotional emails, such as communications regarding our ongoing relationship with you.

The European Union’s General Data Protection Regulation

The General Data Protection Regulation (GDPR) harmonizes national data privacy laws throughout the European Union (EU) and enhances the protection of all EU residents with respect to their personal data. The GDPR applies to all companies handling the personal data of EU residents, including companies established outside the EU, if they offer goods or services to EU residents.

In 2001, the EU recognized Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) as providing adequate protection. Canada’s adequacy status ensures that data processed in accordance with GDPR can be subsequently transferred from the EU to Canada without requiring additional data protection safeguards or authorization to transfer the data.

Disclosures to Individuals in the European Union

We are required to comply with the European Union (“EU”) General Data Protection Regulation and applicable local laws about certain Personal Information we collect. For such Personal Information, the CLTS entity identified at the time of collection is the data controller of the Personal Information. In this section, “Personal Information” is defined in accordance with the General Data Protection Regulation

We collect your Personal Information, detailed in “How We Collect and Use Your Personal Information,” under the following lawful bases:

Use of Your Personal Information	Categories of Personal Information	Lawful Basis for Processing
Onboard customers or suppliers, maintain or service accounts, process requests, verify identity, and perform other activities.	Direct Identifiers, Commercial Information, Internet Activity Information, Professional and Employment-Related Information, Profile Information	Depending on circumstances, processing may be based on contract, consent, or legitimate interests.
Improve services, run analytics, assess quality, confirm balances, manage financial transactions.	Direct Identifiers, Commercial Information, Internet Activity Information, Professional and Employment-Related Information	Processing may be based on contract or legitimate interests.
Send marketing communications.	Direct Identifiers, Commercial Information, Internet Activity Information, Professional and Employment-Related Information, Profile Information	Processing may be based on consent or legitimate interests
Administer and improve websites.	Direct Identifiers, Commercial Information, Internet Activity Information, Professional and Employment-Related Information, Profile Information	Processing may be based on consent or legitimate interests.
Ensure security and prevent accidental disclosure or fraud.	Direct Identifiers, Commercial Information, Internet Activity Information, Professional and Employment-Related Information, Profile Information	Processing is based on legal obligations and legitimate interests.

If we need to collect Personal Information by law or under the terms of a contract we have with you and you fail to provide us with the requested information, we may not be able to perform the contract we have or are trying to enter into with you. We will inform you of any mandatory Personal Information we require from you and the consequences if you fail to provide it.

Security

We maintain appropriate technical and organizational safeguards designed to help protect Personal Information from unauthorized disclosure or access and accidental or unlawful destruction, loss, or alteration. For example, we limit access to your Personal Information to authorized parties and have systems designed to ensure that we can restore availability and access to Personal Information in case of a physical or technical incident. Although we reasonably safeguard personal information, we cannot guarantee the security of personal information obtained or stored electronically.

Data Retention

We will store your Personal Information for no longer than is necessary to perform our obligations or to achieve the purposes for which the Personal Information was collected or as may be permitted under applicable law. To determine the appropriate retention period, we will consider the amount, nature, and sensitivity of the Personal Information; the potential risk of harm from unauthorized use or disclosure of the Personal Information; the purposes for which we process the Personal Information and whether we can achieve those purposes through other means; and the applicable legal requirements. Unless otherwise required by applicable law, at the end of the retention period, we will remove Personal Information from our systems and records or take appropriate steps to anonymize it properly.

Changes to Our Privacy Policy

We may occasionally update this Privacy Policy to reflect changes in our practices. When we post modifications, we will revise the “Last Updated” date at the top of this web page.

Please periodically review this page for the latest information on our privacy practices.

Contact Us

If you should have any questions or concerns regarding this Privacy Policy, please contact us via support@capstone.cn.com