Privacy Policy
I. How We Collect Your Information
- Information directly provided during account registration:
Name, email address, phone number, address. When placing an order: payment information (credit card numbers are encrypted), delivery address. When contacting customer service: chat records, feedback content. - Automatically collected information
- Device information: IP address, browser type, network.
Usage behavior: visited pages, click traffic, and duration of stay recorded via Cookies. Location data: obtained based on IP address or GPS (only after authorization on mobile devices).
- Third-party sources
Transaction status shared by cooperative payment platforms (e.g., PayPal, Stripe).
Public data provided when logging in via social media accounts (e.g., Facebook, Google).
II. How We Use Your Information
| Purpose | Effect |
|---|---|
| Fulfilling contracts | Processing orders, shipping, after-sales support |
| User account management | Password reset, secure login verification |
| Personalized services | Product recommendations, sending coupons |
| Compliance and security | Fraud prevention, hacking attack prevention |
| Data analysis | Optimizing website performance, improving products |
III. Cookies and Tracking Technologies
- Necessary Cookies
Function: maintaining shopping cart status, user login sessions. Cannot be disabled; otherwise, the website cannot function properly. - Analytical Cookies (e.g., Google Analytics)
Purpose: statistical analysis of traffic sources, page conversion rates.
You can refuse via browser settings. - Advertising Cookies (e.g., Facebook Pixel)
Purpose: delivering targeted ads, tracking ad effectiveness.
IV. Information Sharing and Disclosure
We will not disclose personal information to the public and will only share it in the following circumstances:
Service expansion: logistics companies, payment processors, cloud service providers (e.g., AWS).
Legal requirements: responding to court subpoenas, investigations.
Business transactions: transferring data during company mergers, acquisitions.
We will not disclose personal information to the public and will only share it in the following circumstances:
Service expansion: logistics companies, payment processors, cloud service providers (e.g., AWS).
Legal requirements: responding to court subpoenas, investigations.
Business transactions: transferring data during company mergers, acquisitions.
Cross-border transfer note:
If data is transferred from [the EU] to [the US/Asia], we will use Standard Contractual Clauses (SCCs) or GDPR-certified security mechanisms.
If data is transferred from [the EU] to [the US/Asia], we will use Standard Contractual Clauses (SCCs) or GDPR-certified security mechanisms.
V. Your Rights
Under regulations such as GDPR (EU) and CCPA (California), you have the right to:
Under regulations such as GDPR (EU) and CCPA (California), you have the right to:
- Access and export: obtain copies of personal information (in CSV/JSON format).
- Correction and deletion: modify incorrect information or request account cancellation.
- Restriction of processing: suspend marketing emails (click “Unsubscribe” at the bottom).
VI. Data Retention Period
Active users: retained continuously until 6 months after account cancellation.
Transaction records: retained for 7 years as required by tax laws.
Cookie data: automatically cleared after 13 months.
Active users: retained continuously until 6 months after account cancellation.
Transaction records: retained for 7 years as required by tax laws.
Cookie data: automatically cleared after 13 months.
VII. Children’s Privacy
This website is not targeted at children under 13 years of age.
If it is found that children’s data has been collected by mistake, it will be deleted immediately.
This website is not targeted at children under 13 years of age.
If it is found that children’s data has been collected by mistake, it will be deleted immediately.
VIII. Security Measures
Technical aspects: SSL encrypted transmission, AES-256 storage encryption, regular penetration testing.
Management aspects: employee privacy training, least privilege access control.
Technical aspects: SSL encrypted transmission, AES-256 storage encryption, regular penetration testing.
Management aspects: employee privacy training, least privilege access control.
IX. Policy Updates
Major changes (e.g., expansion of data usage) will be notified via in-site banners or emails.
Major changes (e.g., expansion of data usage) will be notified via in-site banners or emails.
Date: 2023-6-26