Update Date: June 12, 2025
Effective Date: June 12, 2025
This Privacy Policy (hereinafter referred to as "this Policy") applies to the global express locker services provided by Luoyang Baiwei Software Co., Ltd. (hereinafter referred to as "Baiwei Software" or "we") through the "International Express Locker" APP, official website, WeChat Official Account, Mini Program, and other platforms. This APP supports multiple language interfaces (including Chinese, English, Russian, etc.), and this Policy applies regardless of whether your sending/receiving location is within China or abroad (including but not limited to countries such as Kyrgyzstan, Russia, etc.).
In addition to this Privacy Policy, in specific scenarios, we may also explain the corresponding information collection purposes, scope, and usage methods through immediate notifications (including pop-ups, page prompts, etc.) and feature update descriptions. These immediate notifications and feature update descriptions form part of this Privacy Policy and have the same effect as this Policy.
Baiwei Software deeply understands the importance of personal information to you and will do its utmost to protect your personal information security. We will help you understand our personal information protection principles, collection and processing methods, protection measures, and how you can manage your personal information in a concise, clear, and easy-to-understand manner. Before using our products, please read this Policy carefully to better understand our services.
This Policy will help you understand the following content. For sensitive personal information fields and terms that may have a significant impact on your personal information rights, we will highlight them in bold font. Please pay special attention and make your choice after full understanding:
We follow the principles of legality, legitimacy, and necessity, collecting and using personal information based on the basic and extended functions needed to provide you with services. The following will detail the collection and usage of information.
We provide you with basic functions of express locker services, including registration and login, storage and retrieval operations, real-name authentication, fee payment, express query, message push, customer service, and security protection. The necessary personal information collected when providing basic functions is essential for fulfilling the service contract or complying with mandatory legal obligations. If you do not provide it, you will not be able to use the relevant services.
You need to provide a phone number to complete registration and login. We will collect and process your phone number for human-machine verification by ourselves or through technical service partners. When not logged in, you can browse product introductions but cannot use services such as storage and retrieval.
When you use the storage or retrieval function, we will collect order information and generate storage and retrieval information including sender and recipient names, addresses, phone numbers (mobile or landline), item types, fees, etc. To ensure express safety, we will use your phone number, address, and item type to identify whether it may contain illegal or prohibited items. You can also voluntarily supplement information such as the company name of the sender/recipient.
After completing storage, we will provide services such as express storage, transfer, and retrieval notification. When necessary, we will entrust express service partners to assist in completing express transfer. Whether you use domestic or cross-border express locker services, the corresponding services are provided by us or affiliated companies.
To fulfill the real-name delivery obligations required by laws and regulations, we need to collect, identify, and verify your ID document information (ID number, name) by ourselves or through authentication service partners before you use the delivery service. If you choose facial recognition authentication, we will collect and process your facial recognition information through authentication service partners, but only obtain the recognition results and do not save this information.
If it is identified during the authentication process that you are a minor under 14 years old, we will prompt you and your guardian to read and agree to the "Children's Personal Information Protection Rules".
When you pay service fees, we will collect order transaction amounts. According to your chosen payment channel, we will collect, generate, and process payment order numbers, transaction amounts, member IDs, phone numbers, and WeChat openIDs through payment service partners.
When using the online self-service query function, we will display your storage and retrieval orders and information within a certain period, including sender/recipient information (name, phone, address), item information (type, weight, quantity), fee payment information, receipt information (time, method, receipt), etc. We will display express transfer trajectories through map service partners. If querying through the official website, device identification codes and IP addresses are collected in non-logged-in state, and phone numbers are collected after login, and query services are provided after verification through technical service partners.
To promptly push logistics or operational messages, we will use push service SDKs and third-party platform-adapted push SDKs to transmit your device identification code. You can choose to have online conversations with couriers, and we will provide instant messaging services through technical service partners and collect and process conversation text.
To resolve your service requests, we may collect your communication records with customer service and audio/video recordings of the delivery process with couriers. When using customer service and after-sales service, we will use your order and storage/retrieval information (sender/recipient information, item information, fee information, receipt information, etc.), account name/nickname, complaint records, communication content, audio/video recordings, etc. through robot and manual customer service.
To improve service quality, when you are dissatisfied with the service or file a complaint, we will send satisfaction survey questionnaires to collect your evaluation information. For customers with poor ratings and poor experiences, we will conduct phone follow-ups and record follow-up information to optimize services.
To ensure transaction security, prevent network illegal activities, and respond to security incidents, we will use your name, phone number, address, IP address, WeChat openID, operation logs, device identification codes (Android ID, IMEI, etc.), carrier information, communication records, etc. To prevent network risks, we only process the list of installed applications locally on the device and do not upload it to the server.
When you choose to use account management and other types of extended business functions, we need to collect corresponding necessary personal information. If you do not agree, you will not be able to use the extended functions, but this will not affect the use of basic functions. Under extended functions, you can also voluntarily choose to provide non-necessary personal information, and not providing it will not affect function implementation.
In addition to basic and extended functions, your personal information will also be used in the following reasonable related scenarios:
We may apply for device permission authorization based on functional requirements. For details, please check the "Permission Call List". You can change the authorization scope by modifying device permission settings or through APP [My-Settings-Permission Management].
According to laws, regulations, and national standards, in the following circumstances, collecting and using personal information does not require your consent:
We provide personal information to partners based on legal, legitimate, and necessary purposes, when there is a legal processing reason, and sign agreements with receiving parties, requiring them to process information according to this Policy and security measures.
Unless we obtain your separate consent, we will not actively publicly disclose your personal information.
Same as the circumstances in Article 1.8 where authorization consent is not required.
We use security protection measures that meet industry standards to protect your personal information, preventing unauthorized access, use, modification, etc.
Establish an information security department, build a data security protection system, including classification and grading, encrypted storage, permission control, system formulation, employee training, etc., only retaining personal information for the necessary period.
If a personal information security incident occurs, we will promptly inform you of the incident situation, impact, disposal measures, remedial suggestions, etc. according to legal requirements. If you discover information leakage, immediately inform us through contact methods, and we will handle it promptly.
We have passed the National Information Security Level Protection (Level 3) filing and evaluation, and have obtained ISO27001 information security certification and ISO27701 privacy information management certification.
We guarantee your rights in personal information processing activities, including:
You can access personal information by logging into relevant platforms. When technically feasible, we provide copy or export functions. When conditions are met, personal information can be transmitted to designated third parties. You can make requests through contact methods.
You can correct and supplement avatar, nickname, gender, region, bound phone number, WeChat account, and other information through APP [My-Avatar] and other paths.
Under circumstances where the processing purpose has been achieved, service has been stopped, consent has been withdrawn, etc., you can make deletion requests through contact methods. Some information can be directly deleted on function pages. For information where the legal retention period has not expired or is technically difficult to delete, processing other than storage and security protection will be stopped.
You can withdraw consent on function pages or change system permission authorization through APP [My-Settings-Permission Management]. After withdrawing consent, we will no longer process the corresponding information, but this will not affect previous processing. You can close commercial marketing information through unsubscribe methods, APP settings, etc.
You can submit cancellation applications through APP [My-Settings-Account Cancellation], Mini Program, or official website. Monthly settlement accounts can contact sales personnel. After cancellation, we will stop services, delete or anonymize personal information, except as otherwise provided by laws and regulations. After cancellation, account information, etc. may not be recoverable, and you will still be responsible for actions before cancellation.
Deceased's close relatives can exercise rights such as access, copy, correction, and deletion of the deceased's personal information through contact methods, need to submit relevant proof documents, and specific procedures can be obtained through contact methods.
If we make decisions that may significantly affect your legitimate rights and interests solely through automated decision-making mechanisms, you have the right to request explanation and refuse the decision. We will provide relief methods, such as explaining decision logic or introducing manual review.
You can exercise rights through contact methods, and we will reply within fifteen working days. To ensure security, we need to verify your identity. Reasonable requests are generally free of charge. For repeated requests or requests exceeding reasonable limits, we may charge cost fees. For unrealistic requests, we may refuse.
In non-logged-in state, due to technical limitations, we cannot determine whether you are a child. We will use information according to the authorized scope and protect it. During registration, login, or real-name verification, if it is identified that you are a child, without guardian consent, you should not register or use services. If you need to use services, guardians need to read and agree to the "Children's Personal Information Protection Rules". We only use children's personal information when permitted by laws and regulations, with guardian consent, and when necessary to protect children. If we discover collection of children's information without guardian consent, we will delete it as soon as possible.
In principle, personal information collected and generated in the People's Republic of China is stored within the territory. If personal information needs to be transmitted abroad (such as Kyrgyzstan, Russia, etc.) due to global service needs, we will comply with legal requirements regarding personal information export and ensure personal information receives equal protection.
We save your data for the period required by laws and regulations and the time needed to achieve service purposes (for example, the "Express Service" national standard stipulates that electronic waybill archives should be kept for no less than 3 years).
Before stopping service provision, we will notify you through announcements, message pushes, etc. When stopping services, we will promptly stop processing personal information and delete or anonymize held personal information within a reasonable period.
If you have questions, opinions, or suggestions, you can contact us through the following methods, and we will generally reply within fifteen working days:
If you are not satisfied with the response, you can complain to relevant regulatory authorities or file a lawsuit with the competent people's court in Luoyang City.
Refers to various information recorded in electronic or other ways related to identified or identifiable natural persons, such as phone numbers, accounts, IP addresses, device identification codes, etc.
Refers to information that, once leaked or illegally used, easily leads to infringement of natural persons' dignity or harm to personal and property safety, including biometric identification, religious beliefs, specific identity, medical health, financial accounts, travel tracks, etc., and personal information of minors under fourteen years old.
Refers to organizations or individuals who independently decide the purpose and method of processing in personal information processing activities.
Includes collection, storage, use, processing, transmission, provision, disclosure, and deletion of personal information.
Refers to personal information processors providing personal information to other personal information processors, and the receiving party processes within the scope of the informed processing purpose, method, and information types.
Refers to personal information processors entrusting trustees to process personal information and supervising their activities. Trustees shall not sub-entrust without authorization.
Refers to the process of processing personal information so that it cannot identify specific natural persons and cannot be restored.
Refers to entities directly or indirectly controlled by Luoyang Baiwei Software Co., Ltd., or companies or legal entities under common control with the company. The specific scope is subject to the latest information officially published by the company.