Privacy Policy

Foreword

With the following Privacy Policy, we would like to inform you about the type, purpose and scope of our processing of your personal data (hereinafter also referred to as “Data”). This Privacy Policy applies to all processing of personal data by us in the provision of our services, in particular on our websites, mobile applications and external online presence (such as our social media profiles, hereinafter collectively referred to as “Online Services”).

The terms used are gender-neutral.

Status: 23 April 2025

Table of contents

  • Preface
  • Responsible person
  • Contact data protection officer
  • Overview of processing operations
  • Relevant legal bases
  • Security measures
  • Transfer of personal data
  • International data transfers
  • Retention and deletion of data
  • Rights of data subjects
  • Business services
  • Payment procedures
  • Provision of online services and website hosting services
  • Use of cookies
  • Registration, login and user accounts
  • Contact and inquiry management
  • Cloud services
  • Web analytics, monitoring and optimization
  • Online marketing
  • Customer reviews and evaluation programs
  • Social networks (social media)
  • Plug-ins, embedded functions and content
  • Modifications and updates
  • Definition of terms
Responsible person

Chengdu Junte Technology Co., Ltd.

No. 619, 6th Floor, No. 555 Xinyu Road, High-tech Zone, Chengdu,Sichuan Province, 610000

E-mail address: info@lvfubattery.com

Legal Notice: https://lvfubattery/Legal Notice/

Types of data processed

  • Inventory data.
  • Payment details.
  • Contact details.
  • Content data.
  • Contract data.
  • Usage data.
  • Meta, communication and program data.
  • Event data (Facebook).

Categories of data subjects

  • Service recipients and customers.
  • Employees.
  • Interested parties.
  • Communication partners.
  • Users.
  • Business and contractual partners.

Purposes of processing

  • Provision of contractual services and fulfillment of contractual obligations.
  • Communication.
  • Security measures.
  • Reach measurement.
  • Tracking.
  • Office and organizational procedures.
  • Remarketing.
  • Conversion measurement.
  • Click tracking.
  • Formation of target groups.
  • Management and response to inquiries.
  • Content distribution network (CDN).
  • Feedback.
  • Marketing.
  • Personal data containing information about the user.
  • Provision of our online services and user-friendliness.
  • Information technology infrastructure.

Legal Basis

We will process your personal data in accordance with applicable data protection laws, including but not limited to the General Data Protection Regulation (GDPR) of the European Union, the Personal Information Protection Law (PIPL) of China, the California Consumer Privacy Act (CCPA/CPRA), and the Personal Data Protection Act 2010 (PDPA) of Malaysia.

Legal Basis under the GDPR

Below is an overview of the legal bases on which we process personal data in accordance with the General Data Protection Regulation (GDPR). Please note that, in addition to the provisions of the GDPR, national data protection laws of your or our country of residence or domicile may also apply. If more specific legal bases apply in individual cases, we will inform you of them in our Privacy Policy.

  • Consent (Art. 6 para. 1 sentence 1 lit. a GDPR) – The data subject has given consent to the processing of their personal data for one or more specific purposes.
  • Contract performance and pre-contractual measures (Art. 6 para. 1 sentence 1 lit. b GDPR) – Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
  • Legal obligation (Art. 6 para. 1 sentence 1 lit. c GDPR) – Processing is necessary for compliance with a legal obligation to which the controller is subject.
  • Legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR) – Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

German National Data Protection Law

In addition to the data protection regulations under the GDPR, national data protection laws of Germany also apply. In particular, this includes the Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG), which aims to prevent the misuse of personal data during data processing.

The BDSG contains specific provisions regarding the right to information, right to erasure, right to object, the processing of special categories of personal data, processing and transfer for other purposes, and automated individual decision-making (including profiling) in individual cases.

Furthermore, data protection laws of the individual German federal states may also apply, depending on the context and jurisdiction.

Swiss Data Protection Law

If you are located in Switzerland, we process your personal data in accordance with the Federal Act on Data Protection (FADP), effective from September 1, 2023. The Swiss FADP also applies if our data processing affects you in Switzerland and you are impacted by that processing.

Unlike the GDPR, the Swiss FADP generally does not require a specific legal basis for the processing of personal data. Instead, we process personal data in good faith, lawfully, and proportionately (Art. 6 paras. 1 and 2 FADP). Furthermore, we only collect personal data for specific and identifiable purposes and process it in a manner compatible with those purposes (Art. 6 para. 3 FADP).

Reference to the GDPR and Swiss FADP

This privacy notice is intended to provide information in accordance with both the Swiss Federal Act on Data Protection (FADP) and the General Data Protection Regulation (GDPR). Please note that, due to the broader geographical scope and more widely recognized terminology of the GDPR, we refer to terms defined by the GDPR. These include terms such as “processing,” “personal data,” “legitimate interest,” and “special categories of data.”

These terms may differ from those used in the Swiss FADP, such as “processing,” “personal data,” “overriding interests,” and “sensitive personal data.” However, the legal interpretation of these terms remains governed by the Swiss FADP where applicable.

U.S. Data Protection Laws

If you are located in the United States, particularly in California, we process your personal data in accordance with applicable state-level data protection laws, primarily the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA).

The CCPA/CPRA grants California residents specific rights regarding their personal information, including:

  • The right to know what personal data we collect, use, disclose, and sell.
  • The right to request deletion of personal data we hold about you.
  • The right to opt-out of the sale or sharing of personal data.
  • The right to correct inaccurate personal information.
  • The right to limit the use and disclosure of sensitive personal information.
  • The right not to be discriminated against for exercising these rights.

We do not sell personal data as defined under the CCPA/CPRA. However, if we engage in any activity that constitutes “sharing” under California law (e.g., for cross-context behavioral advertising), we will provide you with the opportunity to opt out.

Please note that U.S. federal law does not currently provide a single, comprehensive data protection framework. Instead, data privacy is regulated through a patchwork of state laws and sector-specific federal regulations (such as HIPAA for health data and GLBA for financial data). Where applicable, we comply with relevant laws in the jurisdictions in which we operate.

Security Measures

We implement appropriate technical and organizational measures in accordance with legal requirements to ensure a level of security appropriate to the risk. These measures take into account the state of the art, implementation costs, the nature, scope, context, and purposes of the processing, as well as the varying likelihood and severity of risks to the rights and freedoms of natural persons.

These measures specifically include safeguards to ensure the confidentiality, integrity, and availability of data through controls over physical and electronic access to data, as well as access controls, input controls, disclosure controls, availability assurance, and data separation.

In addition, we have established procedures to ensure the exercise of data subject rights, deletion of data, and response to data-related threats.

In line with data protection principles, we also consider data protection through technological design and privacy-friendly default settings during the development and selection of hardware, software, and processes.Secure Online Connection with TLS/SSL Encryption (HTTPS) toprotect user data transmitted via our online services against unauthorized access, we use TLS/SSL encryption technology. Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are fundamental technologies for secure data transmission on the internet. These technologies encrypt the information exchanged between the website or application and the user’s browser (or between two servers), safeguarding it from unauthorized access.

TLS, the more advanced and secure version of SSL, ensures that all data transmissions meet the highest security standards. When a website uses SSL/TLS certificates, the URL will display HTTPS, indicating that your data is being transmitted securely and in encrypted form.

Transfer of Personal Data

In the course of processing personal data, we may transfer or disclose such data to other entities, companies, legally independent organizational units, or individuals. For example, recipients of this data may include service providers entrusted with IT tasks or providers of services and content integrated into our website. In such cases, we comply with legal requirements and enter into appropriate contracts or agreements with the recipients of your data to ensure its protection.

Internal Data Transfers within the Organization or Group of Companies:We may transfer personal data to other companies within our corporate group or grant them access to this data. If the transfer is for administrative purposes, it is based on our legitimate business and commercial interests, or to fulfill contractual obligations, or where the data subject has given consent or the law permits such transfer.

International Data Transfers

International Data Transfers:If we process data in a third country, or in the context of using third-party services, or by disclosing or transferring data to other persons, entities, or companies in third countries, this will only occur in compliance with legal requirements.

If the third country has been recognized as having an adequate level of data protection by an adequacy decision under Article 45 of the General Data Protection Regulation (GDPR), the data transfer will be based on that. Otherwise, data will only be transferred if appropriate safeguards are in place, such as standard contractual clauses pursuant to Article 46(2)(c) GDPR, explicit consent, or if the transfer is necessary for the performance of a contract or legal obligation pursuant to Article 49(1) GDPR.

We will also inform you of the legal basis for such transfers to individual third-country providers. In this context, adequacy decisions take precedence. For more information on third-country transfers and current adequacy decisions, please refer to the European Commission’s website:https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection_en

EU-U.S. Data Privacy Framework:As part of the so-called Data Privacy Framework (DPF), the European Commission recognized, in an adequacy decision dated July 10, 2023, that certain U.S. companies provide an adequate level of data protection. For a list of certified companies and more information about the DPF, please visit the U.S. Department of Commerce’s website:https://www.dataprivacyframework.gov/ As part of our data protection information, we will inform you about the service providers we use that are certified under the Data Privacy Framework.

Disclosure of Personal Data Abroad under Swiss Law:Under the Swiss Federal Act on Data Protection (FADP), we only disclose personal data abroad if the data subject’s protection is adequately guaranteed (Art. 16 FADP). If the Swiss Federal Council has not recognized a country as having adequate protection (list:
https://www.bj.admin.ch/bj/de/home/staat/datenschutz/internationales/anerkennung-staaten.html), we ensure appropriate safeguards are in place. These may include international agreements, specific assurances, contractual data protection clauses, standard data protection clauses approved by the Federal Data Protection and Information Commissioner (FDPIC), or internal company data protection rules approved or recognized by the FDPIC or another competent national data protection authority.

According to Article 16 of the Swiss FADP, exceptions allowing for the transfer of data abroad may apply if certain conditions are met. These include the data subject’s explicit consent, the necessity for contract performance, public interest, protection of life or physical integrity, publicly disclosed data, or data originating from a register provided by law. All such transfers are carried out in compliance with applicable legal requirements.

Data Retention and Deletion Policy

1. General Principles

We collect and retain your personal data only on a lawful basis. Once consent is withdrawn or the legal basis for processing no longer exists, we will delete your data in accordance with applicable laws.

2. Exceptions

In certain cases, we may continue to retain data if legally required or justified by legitimate interests, such as:

  • Compliance with tax, commercial, financial, or regulatory obligations;
  • Handling legal disputes or asserting, exercising, or defending legal claims;
  • Protecting the rights and interests of other individuals or entities.
3. Retention Periods for Specific Activities

We specify data retention periods per processing activity in our privacy policy. If multiple timeframes apply, the longest period shall govern. If no start date is defined and the period is at least one year, it begins at the end of the calendar year in which the triggering event occurred.

4. Continued Retention Beyond Original Purpose

If data is no longer used for its original purpose, we may retain it solely to demonstrate lawful retention as required by applicable laws.

Region- and Country-Specific Data Retention Periods
EU
  • Compliant with the General Data Protection Regulation (GDPR):
  • 10 years – Accounting records, financial reports, invoices (e.g., Germany §147 AO, §257 HGB)
  • 6 years – Business correspondence, contract documents
  • 3 years – Civil claims (e.g., limitation under §195 BGB)
USA
  • Data retention is subject to federal and state laws and industry-specific guidelines:
  • 7 years – Tax records, financial reports (IRS requirements)
  • 3 to 6 years – Healthcare, employment, financial data (per HIPAA, FLSA, SEC, etc.)
  • 2 years – Consumer complaints or after-sales service records (FTC regulations)
Other Areas

Laws vary by country, but common standards include. Although formal data protection legislation is evolving, it is recommended to follow international norms (e.g., GDPR):

  • 5 to 10 years – Tax and corporate financial documents (e.g., Singapore IRAS/ACRA, Malaysia MFRS)
  • 2 to 5 years – Customer and marketing data (per local PDPA laws)
  • Data must be deleted when no longer necessary (e.g., Thailand PDPA)

Your Rights as a Data Subject

We respect and are committed to protecting your data privacy rights. Depending on applicable data protection laws (such as the EU General Data Protection Regulation (GDPR), relevant U.S. regulations, Southeast Asian laws such as the PDPA, and emerging frameworks in the Middle East), you as a data subject are entitled to the following rights:

1. Right to Information

You have the right to be informed whether your personal data is being processed, including details such as the purpose of processing, categories of data, sources, recipients, and retention periods.

2. Right of Access

You have the right to request access to a copy of your personal data being processed.

3. Right to Rectification

If your data is inaccurate or incomplete, you have the right to request correction or completion.

4. Right to Erasure (Right to be Forgotten)

Where legally applicable, you may request the deletion of your personal data—for example, when the data is no longer needed, consent is withdrawn, or the processing is unlawful.

5. Right to Restriction of Processing

You may request the restriction of processing in certain circumstances, such as during the verification of a dispute over data accuracy.

6. Right to Data Portability

Where legally applicable, you have the right to receive your personal data in a structured, commonly used, and machine-readable format or to have it transferred to another data controller.

7. Right to Object

You may object to the processing of your personal data based on public interest or our legitimate interests, especially where your personal situation warrants it. You may also object at any time to processing for direct marketing purposes.

8. Right to Withdraw Consent

If data processing is based on your consent, you have the right to withdraw your consent at any time without affecting the lawfulness of processing prior to the withdrawal.

9. Right to Lodge a Complaint with a Supervisory Authority

If you believe your personal data is being processed unlawfully, you have the right to lodge a complaint with your local data protection authority (e.g., EU data protection agencies, the U.S. Federal Trade Commission, PDPA regulators in Southeast Asia, etc.).

Commercial Services Data Processing Clause

1. Purpose and Scope of Data Processing

We process personal data of our customers and business partners (collectively referred to as “contractual partners”) before, during, and after the performance of contractual or pre-contractual relationships. Such processing includes service delivery, contract fulfillment, customer support, product delivery, payment processing, legal compliance, and internal administration.

2. Categories of Data Processed
  • Inventory Data (e.g., name, address, contact details, customer number)
  • Payment Data (e.g., bank details, invoices, payment history)
  • Contract Data (e.g., subject matter, duration, customer type)
  • Usage and Meta Data (e.g., site interaction, device info, IP address, timestamps)
  • Communication Data (e.g., messages, call logs)
3. Purposes of Data Use
  • Performance of contracts and service delivery
  • Responding to inquiries and after-sales support
  • Communication and record keeping related to contracts
  • Legal compliance (e.g., tax, financial archiving)
  • Security and fraud prevention
  • Business operations and customer relationship management
4. Legal Bases
  • Contract Fulfillment and Pre-contractual Measures: GDPR Art. 6(1)(b)
  • Legal Obligations: GDPR Art. 6(1)(c)
  • Legitimate Interests (e.g., fraud prevention, internal record keeping, security): GDPR Art. 6(1)(f)
5. Customer Accounts and Related Features
  • Customer Accounts: Customers may register accounts for orders, information management, or saved preferences. IP and timestamps are logged for security. Upon termination, data is deleted unless retention is legally required.
  • Wishlist/Favorites: Customers may save items for later viewing. Data is retained for a reasonable period unless the customer deletes it or requests deletion.
6. Data Sharing with Third Parties

We may disclose data to the following third parties on a lawful and minimal-necessary basis:

  • Logistics and delivery providers
  • Payment and banking providers
  • Tax, accounting, and legal advisors
  • Government or regulatory bodies (where legally obligated)
7. Data Retention Period
  • Contractual Data: Typically retained for up to 4 years post-fulfillment; longer if stored within active customer accounts.
  • For legal reasons (e.g., tax records): Up to 10 years.
  • Order Process Data: Deleted after fulfillment unless legally required or with explicit customer consent.
8. Regional Compliance Notes
  • European Union: Full compliance with the General Data Protection Regulation (GDPR), especially Articles 6 and 13–14.
  • United States: Compliance with CCPA/CPRA (where applicable), ensuring transparency, notice, and consumer control.
  • Southeast Asia: Compliance with regional laws such as Singapore’s PDPA, Malaysia’s PDPA, and Thailand’s Personal Data Protection Act (PDP Act).
  • Middle East: Progressive compliance with emerging data protection laws (e.g., UAE Personal Data Protection Law), ensuring lawful processing and protection of individual rights in accordance with local regulations.

Payment Methods

To fulfill our contractual obligations, comply with legal requirements, or based on our legitimate interests, we offer our customers efficient and secure payment methods. In addition to banks and credit institutions, we rely on trusted third-party payment service providers (collectively referred to as “Payment Providers”) to process transactions.

The types of data processed by Payment Providers may include:

  • Master data: Name, address, contact details, customer ID
  • Payment data: Bank details, invoices, payment history, account or credit card number, transaction amount
  • Contract data: Contract scope, term, customer type
  • Usage and metadata: Device type, IP address, timestamps, interaction data

The input and processing of this data is fully managed by the Payment Provider. We do not receive any account or card details—only confirmation or rejection of the payment. In some cases, the provider may share data with credit agencies to verify identity and assess creditworthiness.

Each Payment Provider’s terms of service and privacy policy apply to the transaction. We recommend visiting their official websites or apps to learn more or exercise your rights.

Provision of Online Services and Web Hosting

We process user data to provide access to our online content and functionalities. In particular, user IP addresses are necessary to transmit website content and ensure system security and operational performance.

Scope of Processed Data
  • Usage data: Page views, session duration, click paths, device type, OS, user interactions
  • Content data: Texts, images, submissions, along with author info and timestamps
  • Metadata and communication data: IP address, time of access, identifiers, user origin info
Data Subjects

Users (e.g., website visitors, registered platform users)

Processing Purposes
  • Delivering web content and user functionalities
  • Operation and maintenance of IT infrastructure
  • Security measures such as DDoS protection
  • Optimized content delivery via CDN
Legal Bases

Legitimate interests (GDPR Art. 6(1)(f)): Ensuring stable and secure service operations while improving user experience

Processing Methods and Service Providers

Web Hosting Services

We use server resources rented from Hostinger to host and operate our online services.

Provider: Hostinger International Ltd.
Registered address: 61 Lordou Vironos Street, 6023 Larnaca, Cyprus
Official website: https://www.hostinger.com
Privacy policy: https://www.hostinger.com/privacy-policy
Data center locations: data centers in Europe, the United States, Asia
Basis for transfers to third countries: use of Standard Contractual Clauses (SCCs) or GDPR applicable security mechanisms for transfers outside the EU

Log Files

Access to our services is logged in server log files including page URL, filenames, timestamps, IP address, browser type, and referrer. This supports site security and system optimization.

Log retention period: up to 30 days, after which they are deleted or anonymized
Legal basis: legitimate interest (Article 6(1)(f) GDPR)

CDN

We use a Content Delivery Network (CDN) to distribute content across multiple geographic nodes for faster and more reliable delivery.

Use of Cookies

We use cookies and similar technologies (e.g., local storage, session storage, pixel tags) on this website to enhance user experience, ensure secure and stable platform functionality, and perform analytics and marketing.

What are Cookies?

Cookies are small text files stored on the user’s terminal device (e.g., browser). They are used to record login status, shopping cart contents, user preferences, browsing behavior, etc.

Purpose and Scope of Cookie Usage
  • Ensure technical functionality (e.g., login, checkout)
  • Enhance user experience (e.g., language preferences, personalized content)
  • Site analytics and performance optimization
  • Marketing and remarketing purposes
Legal Bases

We choose the corresponding processing basis according to the data protection laws of different regions:

  • Consent: For non-essential cookies (such as marketing and analysis), we obtain the user’s explicit consent before using them.
    Applicable legal basis: Article 6, paragraph 1, item a of the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA/CPRA).
  • Legitimate Interest: We may use some cookies based on legitimate interests to ensure platform security, stability and user experience, such as security authentication or traffic restrictions.
    Applicable legal basis: Article 6, paragraph 1, item f of the GDPR.
  • Performance of Contract: If certain cookies are necessary to perform the services requested by the user (such as shopping carts and payment functions), we will use these cookies based on contract performance.
    Applicable legal basis: Article 6, paragraph 1, item b of the GDPR
Cookie Retention Duration
  • Session Cookies: Automatically deleted once the browser or app is closed.
  • Persistent Cookies: Remain on the user’s device even after it’s turned off and may be stored for up to 24 months, unless manually deleted.
Withdrawal and Opt-Out Rights

Users may withdraw granted consent at any time using the following methods:

  • Via the cookie consent management interface
  • California and EU residents may exercise the right to “opt out of sale/sharing of personal data”
Consent Management Tool: Cookiebot

We use Cookiebot to manage users’ cookie consent.

  • Service Providers: Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark
  • Website: https://www.cookiebot.com
  • Privacy Policy: https://www.cookiebot.com/privacy-policy/
  • Processed data includes: anonymized IP address, consent timestamp, browser type, consent status, provider info, etc.
  • Retention period: Up to 24 months

Registration, Login and User Accounts

Users may create user accounts. During the registration process, users are provided with the necessary mandatory information, which is processed in order to fulfill our contractual obligations for providing the user account. The processed data particularly includes login information (such as username, password, and email address).

When using our registration, login features, and your user account, we store your IP address and the timestamps of your respective actions. This storage is based on our legitimate interests, as well as those of users, to prevent abuse and other unauthorized use. As a rule, this data is not shared with third parties unless required for the enforcement of claims or legal obligations.

Users may be informed by email about processes relevant to their user accounts, such as technical changes.

Types of Data Processed: Inventory data (e.g., full name, residential address, contact information, customer number, etc.);Contact data (e.g., mailing address, email address, or telephone number);Content data (e.g., textual or visual content and contributions, including metadata such as authorship or creation time);Metadata, communication data, and program data (e.g., IP address, timestamps, identifiers, associated individuals).

Data Subjects: Users (e.g., website visitors, online service users).

Purposes of Processing: Provision of contractual services and fulfillment of contractual obligations;Security measures;Administration and response to inquiries;Provision of our online services and user-friendliness.

Legal Basis: Contract performance and pre-contractual inquiries (Article 6(1)(b) GDPR);

Further Information on Procedures, Methods and Services:

Data Deletion After Termination: If users terminate their user account, all data related to the account will be deleted, subject to any legal permissions, obligations, or user consent;Legal basis: Contract performance and pre-contractual inquiries (Article 6(1)(b) GDPR).

No Obligation to Retain Data: If users terminate the contract, it is their responsibility to back up their data before the end of the contractual relationship. We reserve the right to irrevocably delete all user data stored during the term of the contract;Legal basis: Contract performance and pre-contractual inquiries (Article 6(1)(b) GDPR).

Contact and Inquiry Management

When you contact us (e.g., via mail, contact form, email, phone, or social media), or within the framework of an existing user or business relationship, we process the information provided by the inquirer as necessary to respond to contact requests and perform any requested actions.

Types of Data Processed: Contact information (e.g., mailing and email address or telephone number); Content data (e.g., text or visual messages and related information, such as author or timestamp); Usage data (e.g., page views and duration, click paths, frequency of use, device types and OS, interaction with features); Metadata, communication, and process data (e.g., IP address, time stamps, identifiers, associated users); Inventory data (e.g., name, address, contact details, customer ID); Payment data (e.g., bank details, invoices, payment history); Contract data (e.g., subject of contract, duration, customer category).

Data Subjects: Communication partners; service recipients and customers; commercial and contractual partners.

Purposes of Processing: Communication; Managing and responding to inquiries; Collecting feedback (e.g., via online forms); Providing our online services and enhancing user experience; Fulfilling contractual services and obligations; Office and organizational procedures; Marketing.

Legal Basis: Legitimate interests (Article 6(1)(f) GDPR); Contract performance and pre-contractual inquiries (Article 6(1)(b) GDPR).

Further Information on Processing Methods and Services:

Contact Form: When users contact us via form, email, or other means, we process the data provided to respond to their request;

Legal basis: Contract performance and pre-contractual inquiries (Art. 6(1)(b) GDPR), legitimate interests (Art. 6(1)(f) GDPR).

We may share certain personal information with third-party service providers who help us deliver customer support, such as online chat services (e.g., Tawk.to or LiveChat), ticketing platforms, or CRM systems. These providers are contractually obligated to use your data only to provide the agreed-upon services to us.

Cloud Services

We use cloud services provided by Hostinger (also known as “Software as a Service” or SaaS) to enable online data storage, content management, collaborative workflows, and website hosting. These services operate on Hostinger’s servers and support our ability to provide users worldwide with a reliable, secure, and efficient online experience.

In this context, if personal data is involved in our communication or processed as defined in this privacy policy, it may be stored and handled on Hostinger’s servers. This may include users’ basic information, contact details, transaction records, contracts, and related content. Hostinger may also process usage and metadata for security and performance optimization.

If we provide forms, documents, or content through cloud services, Hostinger may use cookies on users’ devices to enable web analytics or remember preferences (e.g., media control settings).

Types of Data Processed: Inventory data (e.g., name, address, contact details, customer ID); Contact data (e.g., mailing address, email, phone number); Content data (e.g., text, images, author details, timestamps); Usage data (e.g., browsing behavior, device type, OS, interactions); Usage data (e.g., browsing behavior, device type, OS, interactions);

Data Subjects: Service users, communication partners, employees, interested parties.

Purposes of Processing: Office and organizational procedures; Operation and maintenance of IT infrastructure (e.g., servers, networks).

Legal Basis: Legitimate interests (Article 6(1)(f) GDPR).

Further Information about Hostinger Cloud Services:

Service Provider: Hostinger International Ltd., 61 Lordou Vironos St., 6023 Larnaca, Cyprus
Website: https://www.hostinger.com
Privacy-policy:https://www.hostinger.com/privacy-policy
Data Processing Agreement (DPA): Accessible and signable via user dashboard
Data Transfer Basis: Compliant with EU-U.S. Data Privacy Framework (DPF) and EU/EEA Standard Contractual Clauses (SCCs)

Web Analytics, Monitoring, and Optimization

To continuously improve our independent website and enhance user experience, we use web analytics and performance monitoring tools supported by Hostinger’s cloud infrastructure. These tools help us understand user behavior, content preferences, and website performance for feature testing, content adjustments, and technical optimization.

During analysis, we may create anonymized profiles based on user browsing behavior (e.g., page views, click paths, time spent). This information is generally pseudonymized by techniques such as IP masking, ensuring that individuals are not directly identified.

The tools we use do not store personally identifiable information, such as email addresses or names. They primarily process technical data such as device type, browser info, and usage time. A/B testing may also be conducted to identify the most effective content presentation.

With user consent, we may use cookies to gather device or preference information and integrate with third-party analytics services (e.g., Google Analytics, Hostinger Logs, or Lighthouse) for a more comprehensive optimization approach.

Types of Data Processed: Usage data (e.g., page visits, session duration, click paths, interaction logs) ; Metadata and communication data (e.g., IP address, timestamps, browser and system data)

Data Subjects: Website users, visitors, and participants in online interactions

Purposes of Processing:
Traffic measurement and reach analysis ;
Behavior analysis and optimization insights ;
Improvement of website performance and user experience .

Security Measures:IP address pseudonymization (IP masking)

Legal Basis: Article 6(1)(a) GDPR – User Consent

Service Provider: Hostinger International Ltd.
Address:61 Lordou Vironos Street, 6023 Larnaca, Cyprus
Website: https://www.hostinger.com
Privacy Policy: https://www.hostinger.com/privacy-policy
DPA (Data Processing Agreement): Users can view and sign through the backend account
Data Transfer Basis: EU-U.S. Data Privacy Framework (DPF) and EU/EEA Standard Contractual Clauses (SCCs)

Online Marketing and Data Processing

For online marketing purposes, we process personal data to deliver marketing advertisements, display personalized content based on users’ interests (collectively referred to as “Content”), and measure the effectiveness of marketing efforts.

User Profiles and Cookie Technology

To achieve the above objectives, we create user profiles and store user information via files (such as “Cookies”) or similar technologies. This information may include viewed content, visited websites, online networks used, communication partners, and technical details like browser type, computer system, usage time, and functional interactions. Location data may also be processed with the user’s consent.

We store users’ IP addresses but protect privacy by anonymizing them through IP masking (i.e., truncating IP addresses). In general, online marketing processes store only pseudonymized data (such as interest tags) rather than explicit personal information like names or email addresses.

User profile information stored in Cookies may be read and analyzed on other websites using the same online marketing processes to optimize content display and supplement data. Such data is stored on the servers of our marketing service providers.

Explicit Data Linking in Special Cases

In specific scenarios (e.g., when users are members of a social network and we use its marketing services), the social network may link user profiles with explicit personal data. Please note that users may have agreed to such data linking with the service provider during registration.

Conversion Measurement and Data Aggregation

We only collect aggregated data on advertising performance. Under the “conversion measurement” framework, we analyze which marketing activities lead to user actions (such as contract signings), solely for the purpose of optimizing marketing strategies.

Unless otherwise stated, the default storage period for Cookies is two years.

Legal Basis for Data Processing

If user consent is required (e.g., for third-party services): The legal basis is Article 6(1)(a) of the GDPR (Consent).

In other cases: Based on our legitimate interests (i.e., delivering efficient, cost-effective, and user-friendly services), the legal basis is Article 6(1)(f) of the GDPR (Legitimate Interests).

Data Types and Data Subjects

Data types processed: Content data (e.g., text, visual information, author details, creation timestamps), usage data (e.g., page views, dwell time, click paths, device types), metadata, communication data (e.g., IP addresses, timestamps), and event data (e.g., website visits, ad interactions, excluding sensitive information like names or emails).

Data subjects: Website visitors, online service users, etc.

Purposes of Data Processing

Audience measurement (e.g., visit statistics, identifying returning users), behavioral analysis (interest/behavior-based tracking), conversion measurement, target audience segmentation, marketing promotion, user profile creation, service optimization, remarketing, and click tracking.

Security Measures

User privacy is protected through IP masking (anonymization) to restrict access to explicit personal data.

Opt-Out Options and Rights

You may manage your data preferences through the following methods:

Disable Cookies: Disable Cookies in your browser settings, though this may affect some service functionalities.

Regional opt-out platforms:

Europe: https://www.youronlinechoices.eu

Canada: https://www.youradchoices.ca/choices

USA: https://www.aboutads.info/choices

Cross-border: https://optout.aboutads.info

Third-Party Service Providers

We may collaborate with the following third parties for online marketing. Please refer to the links for their data processing policies:

Meta (Facebook/Instagram): For meta pixel tracking, advertising, and conversion measurement. Service provider: Meta Platforms Ireland Limited (Ireland). Legal basis: User consent (GDPR Article 6(a)). Privacy policy: https://www.facebook.com/about/privacy

Google Ads: For ad network delivery, remarketing, and advanced conversion measurement. Service provider: Google Ireland Limited (Ireland). Legal basis: Consent or legitimate interests (GDPR Article 6(a)/f). Privacy policy: https://policies.google.com/privacy

Google Ads: For ad network delivery, remarketing, and advanced conversion measurement. Service provider: Google Ireland Limited (Ireland). Legal basis: Consent or legitimate interests (GDPR Article 6(a)/f). Privacy policy: https://policies.google.com/privacy

Cross-Border Data Transfers

We comply with the GDPR’s regulations on cross-border data transfers, ensuring the legality and security of overseas transfers through mechanisms such as the EU Data Privacy Framework (DPF) and Standard Contractual Clauses (SCCs).

Customer Reviews and Rating Processes

We value user feedback and use review and rating processes to evaluate, optimize our services, and carry out promotional activities. If you rate us or provide feedback through a rating platform or process, the general terms, usage terms, and privacy policies of the platform will also apply. In general, registering on the corresponding platform is required to participate in ratings.

Data Verification and Transfer

To ensure that reviewers have actually used our services, we will transfer necessary data (including name, email address, order number, or product number) to the corresponding review platform with the customer’s consent. This data is used solely for verifying user authenticity.

Data Types and Subjects Processed

Data types:

  • Contract data (e.g., contract subject, term, customer category);
  • Usage data (e.g., page views, dwell time, click paths, device types, operating systems, functional interactions);
  • Metadata, communication data (e.g., IP addresses, timestamps, identification codes).

Data subjects: Service recipients, customers, website visitors, and online service users.

Purposes and Legal Basis for Processing

Purposes: Feedback collection (e.g., via online forms), marketing promotion.

Legal basis:

  • Legitimate interests (Article 6(1)(f) GDPR);
  • User consent (Article 6(1)(a) GDPR).

Third-Party Rating Platform: Google

We collaborate with Google to provide rating services. Details are as follows:

Services:

  • Google’s review tools collect order information (total amount, order number, purchased products) and email addresses, which are hashed and transmitted to Google for user identity verification.
  • With your consent, you will automatically receive a rating invitation via Google; if not, you may manually submit reviews or adjust privacy settings.

Data security:

  • Anonymized IP addresses and visit data are recorded for statistical and error analysis when accessing Google’s review features.
  • Data may be transferred to Google’s servers in the U.S., protected by Standard Contractual Clauses (SCCs) and the EU-U.S. Data Privacy Framework.

Service provider:

User Rights and Contact

If you have questions about data processing or wish to exercise your rights (e.g., data access, deletion), please contact us via the channels provided in our privacy policy or submit a request through Google’s Privacy Center. We will assist in handling your request within the framework of joint responsibility.

Plugins and Embedded Functions and Content

We integrate functional and content elements obtained from servers of respective providers (hereinafter referred to as “third-party providers”) into our online offerings. These may include, for example, graphics, videos, or city maps (collectively referred to as “content”).

Integration always requires the third-party provider of this content to process users’ IP addresses, as they would not be able to deliver the content to users’ browsers without the IP address. The IP address is therefore necessary to display this content or functionality. We make every effort to use only content whose providers use IP addresses solely for content delivery. Third parties may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. Pixel tags may be used to evaluate information such as visitor traffic on pages of this website. Anonymous information may also be stored in cookies on users’ devices, which may include technical information about the browser and operating system, the referring website, the time of access, and other information about the use of our online services, but may also be linked to such information from other sources.

Legal Basis: If we request users’ consent to use third-party providers, the legal basis for data processing is consent (Article 6(1)(a) GDPR). Otherwise, user data will be processed based on our legitimate interests (i.e., interest in efficient, economical, and recipient-friendly services). In this context, we also refer to the information on the use of cookies in this privacy policy.

Types of Data Processed:

  • Usage data (e.g., page views and dwell times, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and functions);
  • Metadata, communication data, and procedural data (e.g., IP addresses, time information, identification numbers, relevant personnel);
  • Inventory data (e.g., full name, residential address, contact details, customer number, etc.);
  • Contact information (e.g., postal address, email address, or telephone number);
  • Content data (e.g., text or visual information and contributions, and related details such as author or creation timestamps).

Data Subjects: Users (e.g., website visitors, online service users).

Processing Purposes: Provision of our online services and user-friendliness.

Legal Basis: Consent (Article 6(1)(a) of the GDPR).

Further Information on Processing Procedures, Methods, and Services:

YouTube Videos

Changes and Updates

We request that you regularly review the contents of our privacy policy. If any changes occur in the data processing we carry out, we will adjust the privacy policy immediately. If a change requires your cooperation (e.g., consent) or other separate notifications, we will inform you promptly.

If we have provided addresses and contact information for companies and organizations in this privacy policy, please note that these addresses may change over time. We ask that you verify this information before contacting us.

Definitions of Terms

This section provides an overview of the terms used in this privacy policy. To the extent legally defined, their legal definitions apply. However, the following explanations are primarily for ease of understanding.

Employee: An employee is a person engaged in employment, whether as a worker, staff member, or in a similar capacity. An employment relationship is a legal relationship established between an employer and an employee through an employment contract or agreement. It involves the employer’s obligation to pay compensation to the employee during the performance of their work duties. Employment relationships include multiple stages, including establishment (signing an employment contract), execution (the employee carrying out work activities), and termination (ending the employment relationship, whether through notice, termination agreement, or other means). Employee data encompasses all information related to these individuals and their employment context, including personal identification data, ID numbers, salary and bank details, working hours, leave entitlements, health data, and performance evaluations.

Inventory Data: Inventory data includes basic information necessary to identify and manage contractual partners, user accounts, profiles, and similar tasks. This data may include personal and demographic information such as name, contact details (address, telephone number, email address), date of birth, and unique identifiers (user IDs). Inventory data forms the basis for any formal interaction between persons and services, institutions, or systems by enabling clear identification and communication.

Content Delivery Network (CDN): A “Content Delivery Network” (CDN) is a service that uses geographically distributed servers connected via the internet to deliver online content—particularly large media files like graphics or program scripts—more quickly and securely.

Content Data: Content data includes information generated during the creation, processing, and publication of all types of content. Such data may include text, images, videos, audio files, and other multimedia content published on various platforms and media. Content data is not limited to the actual content but also includes metadata providing information about the content itself, such as tags, descriptions, author information, and publication dates.

Click Tracking: Click tracking allows monitoring of user actions across an online service. Since the results of these tests are more accurate if user interactions can be tracked over a period (e.g., to understand whether users prefer to return), cookies are typically stored on users’ computers for these testing purposes.

Contact Information: Contact information is essential for communicating with individuals or organizations. This includes telephone numbers, postal addresses, and email addresses, as well as communication methods such as social media accounts and instant messaging identifiers.

Conversion Measurement: Conversion measurement (also known as “visit action evaluation”) is a method used to determine the effectiveness of marketing measures. To this end, a cookie is typically stored on a user’s device on the website where the marketing activity is conducted and then retrieved again on the target website. For example, it can be used to determine whether ads we place on other websites are successful.

Metadata, Communication Data, and Procedural Data: Metadata, communication data, and procedural data are categories containing information about how data is processed, transmitted, and managed. Metadata, also known as “data about data,” contains information describing the context, source, and structure of other data. It may include details about file size, creation date, document author, and change history. Communication data records information exchanged between users via different channels, such as email traffic, call logs, messages, and chats on social networks, including involved parties, timestamps, and transmission methods. Procedural data describes processes and procedures within a system or organization, including workflow documents, transaction and activity logs, and audit logs used to track and review operations.

Usage Data: Usage data refers to information recording how users interact with digital products, services, or platforms. This data includes a wide range of information showing how users use an application, which features they prefer, how long they stay on certain pages, and the paths they take to navigate through the application. Usage data may also include usage frequency, activity timestamps, IP addresses, device information, and location data. They are particularly valuable for analyzing user behavior, optimizing the user experience, personalizing content, and improving products or services. Additionally, usage data plays a crucial role in identifying trends, preferences, and potential problem areas in digital products.

Personal Data: “Personal data” means any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”); a natural person is considered identifiable if they can be identified, directly or indirectly, in particular by reference to a name, an identification number, location data, an online identifier (such as a cookie), or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

User Profile: The processing of “user profiles” or simply “profiling” includes any form of automated processing of personal data involving the use of such personal data to analyze, evaluate, or predict certain personal aspects relating to a natural person (depending on the type of analysis, this may include different information related to demographics, behavior, and interests, such as interactions with websites and their content). Cookies and web beacons are often used for analytical purposes.

Reach Measurement: Reach measurement (also known as web analytics) is used to evaluate visitor traffic to online products and can determine visitors’ behavior or interests in certain information, such as content from a website. With reach analytics, online service providers can achieve goals such as understanding when users visit their website and which content interests them. This means they can, for example, better adapt website content to visitors’ needs. For reach analytics, pseudonymous cookies and web beacons are typically used to identify returning visitors, enabling a more precise analysis of online product usage.

Remarketing: “Remarketing” or “retargeting” is used, for example, when, for advertising purposes, a user’s interest in certain products on a website is recorded to remind the user of these products on other websites, such as in ads.

Tracking: “Tracking” refers to the ability to follow a user’s behavior across multiple online services. Typically, information about behavior and interests related to the online services used is stored in cookies or on the servers of tracking technology providers (so-called analytics). This information can then be used, for example, to show users ads that may align with their interests.

Controller: A “controller” is a natural or legal person, public authority, institution, or other body that, alone or jointly with others, determines the purposes and means of the processing of personal data.

Processing: “Processing” means any operation or set of operations performed on personal data or sets of personal data, whether or not by automated means. The term has a broad meaning and covers almost all data handling, including collection, evaluation, storage, transmission, or deletion.

Contract Data: Contract data is specific information related to the formalization of an agreement between two or more parties. It records the conditions for providing, exchanging, or selling services or products. Such data is essential for managing and fulfilling contractual obligations and includes the identities of the contracting parties as well as the specific terms and conditions of the agreement. Contract data may include contract start and end dates, agreed-upon service or product types, pricing agreements, payment terms, termination rights, renewal options, and special clauses or terms. They form the legal basis for the relationship between the parties and are crucial for clarifying rights and obligations, enforcing claims, and resolving disputes.

Payment Data: Payment data includes all information necessary to process payment transactions between buyers and sellers. This data is essential for e-commerce, online banking, and any other form of financial transaction. It includes details such as credit card numbers, bank details, payment amounts, transaction data, verification numbers, and billing information. Payment data may also include information about payment status, refunds, authorizations, and fees.

Target Group Creation (Custom Audience): Target group creation (English “custom audience”) refers to the term used when creating target groups for advertising purposes, such as determining whether to display an ad. For example, based on a user’s interest in certain products or topics on the internet, it can be inferred that the user may be interested in ads for similar products or the online store where they browsed the product. “Lookalike audiences” (or similar target groups) are used when displaying content deemed appropriate to users whose profiles or interests may correspond to those of the users for whom the profile was created. Cookies and web beacons are often used to create custom audiences and lookalike audiences.

购物车