Sangfor Privacy Policy

Sangfor Technologies (Hong Kong) Limited and its subsidiaries (collectively, “We” and “our”) attach great importance to the security of your personal data seriously. Collecting, using, sharing or transferring of your personal data may be conducted upon you visit our website, use our products and/or services based on your consent, contract relationship or any applicable legal ground.

SANGFOR Privacy Policy (hereinafter referred to as “this Policy”) represents how we collect, use, store, transfer your personal data as well as your legitimate rights to access, update, delete, and protect your personal data.

You are required to get full understanding of this Policy before submitting your personal data to SANGFOR. This Policy applies to SANGFOR websites, products, services that display or provide links to this Policy.

SANGFOR will ensure that any personal data we collect about you will be held and processed strictly in accordance with the European General Data Protection Regulation (GDPR) which become effective on 25th May 2018.

Considering SANGFOR provides various kinds of products and services, this Policy may not cover all possible scenarios for personal data processing. Any specific data relating to the processing of personal data in the context of SANGFOR’s products or services may be described in the privacy policy of related products or services or maybe released in any notice that is given during the collection of data.

Collection and use personal data

"Personal data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

The aforementioned personal data maybe be collected by your behavior of using our products, services, or when you interact with us, such as visiting our website, registering relevant accounts, participating in our events. Besides, by using cookies and other similar technologies, our websites may indirectly record your personal data. When you use SANGFOR website, we may collect certain data automatically from your computers or devices (including mobile devices). The data we collect automatically may include your IP address, device type, operating system, unique device identifiers, browser type, browser language, geographic location and other technical information. We may also collect data about how your device has communicated with SANGFOR Website, including the pages viewed, the links clicked, the amount of time spent on particular pages, mouse hovers, the date and time of the interaction, error logs, referring and exit pages and URLs, and similar information. We use this information only for our analytical purposes, and to improve the quality, relevance, and security of SANGFOR website.

Our website collects and uses personal data through the following methods:

Our website site analytics tool such as Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how you found us, how you are using our website, and to see the journey you took through the website. All of these are used only for the purpose of improving our website to provide you with the best user experience. Disabling cookies on your internet browser will stop Google Analytics from tracking any part of your visit to pages within this website. We also use another analytic tool called AroundDeal, which is used to help us understand which companies are visiting our website and are interested in our products & solutions. This information is shared with AroundDeal and processed at the company level — no individual personal data is exposed. More information about AroundDeal’s privacy policy can be found at

Should you choose to contact us using the contact form on our Contact us page OR Free trial page OR Application Form for new Partners, the data that you supply will be stored by this website and send out into an email over the Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected with TLS/SSL encryption meaning that the email is sent over an encrypted connection using SHA-2, 256-bit cryptography and received by Gmail’s secure servers.

If you choose to join our email newsletter or if provided with your email during an event or other circumstances, the email address that you submit to us will be forwarded and stored in Oracle Eloqua which provides us with email marketing services. The email address that you submit will not be stored within this website’s own database or in any of our internal computer systems, except for the purpose of importing the data into Oracle Eloqua.

Your email address will remain within Oracle Eloqua's database for as long as we continue to use Oracle Eloqua's services for email marketing or until you specifically request removal from the list. You can do this by unsubscribing using the unsubscribe links contained in any email newsletters that we send you or by requesting removal via email. If you are under 16 years of age you MUST obtain parental consent before joining our email newsletter. While your email address remains within Oracle Eloqua's database, you may receive periodic newsletter emails from us.

We use several third parties to process personal data on our behalf. These third parties have been carefully chosen and all of them comply with the GDPR legislation. All two of these third parties are based in the USA and are EU-US Privacy Shield compliant.

We may collect your personal data for business purposes such as sending solicited information about a specific item or information about products or Company, perform market research & analytics to improve our services & product offerings. Besides, we may supply such above personal data to third parties for business purposes or marketing based on your consent.

Should the purposes of using your personal data are not included in this Policy, we will obtain your prior consent before we implementing the relevant purpose. Moreover, you are entitled to withdraw your consent at any time in compliance with the laws and regulations, but this maybe causes the function limitation of the website, product or service.

Please be fully noted that we are entitled to collect and use your personal data without your prior consent under any of the corresponding circumstances in compliance with any applicable laws and regulations.

2. Cookies and Other Similar Technologies

Like most sites, we use technologies that are essentially small data files placed on your computer, tablet, mobile phone, or other devices (referred to collectively as a "device") that allow us to record certain pieces of data whenever you visit or interact with our sites, services, applications, messaging, and tools, and to recognize you across devices.

The specific names and types of the cookies, unique identifiers, and similar technologies we use to collect data (e.g. about the pages you view, the links you click, and other actions you take on our Services, within our advertising or e-mail content) may change from time to time. In order to help you better understand this Policy and our use of such technologies we have provided the following limited terminology and definitions:

Cookies – Small text files (typically made up of letters and numbers) placed in the memory of your browser or device when you visit a website or view a message. Cookies allow a website to recognize a particular device or browser.

Similar technologies – Technologies that store personal data in your browser or device utilizing local shared objects or local storage, such as flash cookies, HTML 5 cookies, and other web application software methods. These technologies can operate across all of your browsers, and in some instances may not be fully managed by your browser and may require management directly through your installed applications or device. We do not use these technologies for storing personal data to target advertising to you on or off our sites.

We may use the terms "cookies" or "similar technologies" interchangeably in our policies to refer to all technologies that we may use to store data in your browser or device or that collect data or help us identify you in the manner described above.

3. Rights to your personal data
If you submit your personal data to us, please ensure the accuracy of such data. If your personal data has changed (for instance, your address has been changed), you are obliged to update your personal data in a timely manner.

For requirements by applicable laws, you may: (1) have access to your personal data we have held; (2) update or correct any of your inaccurate personal data; (3) restrict or object to allow us to process your personal data; and (4) require us to erasure your personal data, and (5) require us to comply with your request for data portability (6) withdraw your consent at any time which will not affect the lawfulness of processing based on consent before (7) lodge a complaint with the corresponding supervisory authority.

When you claim the said rights, we may require you to submit a written request and may verify your identity. Usually, we do not charge anything for such processes unless your request goes beyond the limit of conventional requirements.

4. Protection and Storage of Personal data
We recognize the need to ensure that personal information gathered via this website remains secure. Our site has security measures in place to protect against the loss, misuse, and alteration of the personal information under our control. Our security measures include the use of a hardware firewall to prevent unauthorized access. You acknowledge that although we exercise adequate care and security, there remains a risk that information transmitted over the Internet and stored by a computer may be intercepted or accessed by an unauthorized third-party.

Your Personal Data will be stored for a maximum period of 6 (six) years, after which time it will be destroyed if it is no longer required for the lawful purpose(s) for which it was obtained. With your consent, any data we use for this purpose will be kept with us until you notify us that you no longer wish to receive this data unless we request your consent to store it for a longer period.

5. Cross-border Transfer of Personal data
Generally, we will process your personal data in the country/region where you use our products or services.

6. Breach Notification
In line with the GDPR, where a breach is known to have occurred which is likely to result in a risk to the rights and freedoms of individuals, the relevant Data Protection Authority (DPA) will be informed within 72 hours, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. Where the notification to the supervisory authority is not made within 72 hours, Sangfor informs the supervisory authority of the reasons for the delay. This will be managed in accordance with our Information Security Incident Response Procedure which sets out the overall process of handling information security incidents.

7.  Update of this Policy
This privacy policy may change from time to time inline with legislation or industry developments. We will not explicitly inform our clients or website users of these changes. Instead, we recommend that you check this page occasionally for any policy changes.

8. Contact Us
If you have any questions about this Policy or have any request or query for your personal data, please send an email to to contact us.