Privacy Policy

Privacy Policy

Applicable from October 2022

We value your privacy and the protection of your personal data. This policy informs you about how your data are collected and used in connection with any contact with our Company, in accordance with the applicable data protection laws and regulations, including the local data protection laws in your country (such as the “Information Technology and Freedoms” Act No. 78-17 of January 6, 1978) and the European regulation in force resulting from the General Data Protection Regulation 2016/679 of April 27, 2016 (“GDPR”).

Data Controller and Recipients of Personal Data

The personal data collected (“Data”) in connection with the use of our Products and more generally, in connection with contacts you may have with our Company, are processed by Shenzhen Xiaopai Kejiyouxiangongsi as the data controller (“Data Controller”).

What is Data?
Data means any information relating to an identified or identifiable natural person, directly or indirectly, including by reference to an identifier such as a name, a mail address, an email address, a phone number, an identification number, location data, or an online identifier.

Who has access to your Data?

  • The Data Controller’s support services (purchasing/sales administration, after-sales, logistics, supplier management, HR/recruitment, IT service, accounting, and marketing).
  • Third-party service providers, including:
    • Technical service providers
    • Financial/accounting service providers (auditors, banks)
    • Logistics service providers (carriers)

Your Data may also be disclosed to third parties in cases where such communication is permitted and required by law or a court decision, or to protect and defend the Data Controller's rights.

When third parties act as data controllers, please refer to their privacy policies on their official websites or platforms.

Data Processing Purposes

The Data collected is used for the following purposes:

     1. Performance of Commercial Relationships

    • Creation of customer or supplier accounts
    • Fulfillment of orders
    • Invoicing and contract monitoring
    • Delivery, after-sales, and complaints management
    • Organization of satisfaction surveys
    • Management of unpaid invoices and litigation

     2. Responding to Requests

    • Processing and responding to information requests or contract-related inquiries.

     3. Legal, Accounting, and Tax Obligations

    • Retention of accounting supporting documents
    • Management of rights, rectification, and objection requests
    • Maintenance of a list of objections to canvassing

     4. Consent-Based Processing

    • Sending newsletters (you may withdraw consent at any time).
    • Delivering prizes to winners in promotion activities.

     5. Legitimate Interests of the Data Controller

    • Customer relationship monitoring and loyalty programs.
    • Product optimization and personalization of the customer experience.
    • Conducting promotion and marketing activities.
    • Combating payment fraud.

Your Rights Regarding The Data

You have the following rights regarding your Data:

  • Right of Access
  • Right to Rectification of erroneous personal Data.
  • Right to Object to processing (in certain cases).
  • Right to Erasure of some of your Data.
  • Right to Withdraw Consent for processing (with effect for the future).
  • Right to Restrict Use of your Data.
  • Right to Portability for transmission to a third party.

Length of Retention of The Data

Your Data shall be retained for a period not exceeding that required for the purposes for which they are collected:

  • General Data: 3 years following the last consent, then archived for up to 5 years.
  • Cookies: 13 months from storage/creation.

If applicable laws require a longer retention period, we will comply with legal requirements and delete the Data only after the expiration of the retention period. At the end of these periods, the Data will be erased from active databases and archived (if necessary) before being destroyed.