1Scope & Effective Date

This Privacy Policy ("Policy") is issued by the operator of this website ("we," "us," or "our") and applies to all services provided through this website (including mobile versions, H5 pages, and API integrations).

This Policy is designed to comply with:

• 🇨🇳 China: Personal Information Protection Law (PIPL, 2021), Cybersecurity Law, and Data Security Law
• 🇪🇺 EU: General Data Protection Regulation (GDPR, 2018)
• 🇺🇸 US: California Consumer Privacy Act / California Privacy Rights Act (CCPA/CPRA)
• 🇬🇧 UK: UK GDPR and Data Protection Act 2018
• 🇦🇺 Australia: Privacy Act 1988 and Australian Privacy Principles (APPs)

This Policy is effective as of the "Last Updated" date shown at the top of this page.

2Information We Collect

2.1 Information You Provide Directly

• Registration details: username, email address, password (stored encrypted)
• Profile information: name, avatar, contact details (optional)
• Transaction data: shipping address, payment method (full card numbers are not stored)
• User-generated content: reviews, feedback, uploaded files
• Customer support correspondence

2.2 Information Collected Automatically

• Log data: IP address, access timestamp, page path, HTTP status codes
• Device information: browser type, operating system, device identifiers
• Approximate location: country/region level only (not precise GPS coordinates)
• Cookies and similar technologies (see Section 6)

2.3 Information from Third Parties

• When you log in via a third-party account (WeChat, Google, Apple, etc.), we receive only the profile information you have authorized for sharing
• Aggregated, anonymized analytics data from advertising partners

3Legal Basis for Processing

Under applicable law, we process your personal information on the following legal bases:

For EU/UK users, we identify the specific legal basis under GDPR Article 6 for each processing activity.

4How We Use Your Information

• Service delivery: Creating accounts, processing transactions, providing customer support
• Service improvement: Analyzing usage patterns, optimizing UI and features
• Security: Detecting and preventing fraud, abuse, and security vulnerabilities
• Legal compliance: Fulfilling legal obligations, responding to lawful requests from courts or government authorities
• Communications: Sending service notifications and security alerts (these cannot be opted out of)
• Marketing: Sending promotional messages only with your explicit consent (opt-out available at any time)

5Sharing, Transfer & Disclosure

We do not sell your personal information. We may share it only in the following circumstances:

5.1 With Service Providers

We engage third-party service providers (e.g., cloud hosting, payment gateways, email services) who process data on our behalf under strict data processing agreements that prohibit use for any other purpose.

5.2 Legal Disclosure

We may disclose your information when required by law, court order, or governmental authority. We will notify you to the extent permitted by law.

5.3 Business Transfers

In the event of a merger, acquisition, or asset sale, we will ensure that any successor party honors this Policy and provide you with advance notice of any change in control.

5.4 Protection of Rights

We may disclose information as necessary to protect the rights, safety, or security of our company, users, or the public (e.g., reporting fraud).

6Cookies & Similar Technologies

You can manage your cookie preferences through your browser settings. Refusing non-essential cookies will not affect core functionality. Where required, we will obtain your consent for non-essential cookies through a consent banner on your first visit.

7Data Security

We implement industry-standard technical and organizational measures to protect your information, including:

• Transport encryption: TLS/SSL — the entire site operates over HTTPS
• Storage encryption: AES-256 encryption for sensitive fields at rest
• Access controls: Internal access based on least-privilege principles
• Regular security audits and penetration testing
• Incident response and data breach notification procedures

8Data Storage & International Transfers

Our servers are located in China. When we transfer your data internationally, we ensure adequate safeguards as follows:

• China users: We comply with PIPL Articles 38–40, including completing security assessments or signing standard contracts (SCCs) approved by the Cyberspace Administration of China (CAC);
• EU/UK users: We rely on Standard Contractual Clauses (SCCs) under GDPR Article 46 or other approved transfer mechanisms;
• California users: We ensure that recipients provide a level of protection equivalent to CCPA requirements.

9Data Retention

Upon expiry of the applicable retention period, we will securely delete or anonymize your personal information.

10Your Rights

Depending on your jurisdiction, you may have some or all of the following rights:

To exercise any of these rights, please contact us using the details in Section 15. We will respond within the timeframe required by applicable law (generally within 30 days). We may need to verify your identity before processing your request.

11Children's Privacy

Our services are not directed to children under 14 years old (China), 16 years old (EU), or 13 years old (United States). We do not knowingly collect personal information from children below these age thresholds.

If we discover that we have inadvertently collected personal information from a child without appropriate consent, we will delete it promptly. If you are a parent or guardian and believe your child has provided us with personal information, please contact us via Section 15.

Users aged 14–18 must have parental or guardian consent to use our services. Parents and guardians are responsible for supervising minors' use of this website.

12Third-Party Links Disclaimer

This website may contain links to third-party websites, services, or content. Those third parties' privacy practices are beyond the scope of this Policy.

13Limitation of Liability

To the fullest extent permitted by applicable law:

• Any loss arising from your own breach of this Policy or our Terms of Service is your sole responsibility;
• We shall not be liable for data breaches or service interruptions caused by force majeure events, including but not limited to natural disasters, war, acts of government, cyberattacks, or network failures;
• We shall not be liable for losses caused by your own disclosure of account credentials or use of insecure networks;
• We exclude liability for indirect, incidental, consequential, special, or punitive damages, including loss of profits or loss of data;
• Our total aggregate liability to you shall not exceed the fees you have actually paid to us in the 12 months preceding the claim.

The above limitations do not apply to liability arising from our gross negligence or willful misconduct, nor to any liability that cannot be excluded by applicable law (including mandatory consumer protection laws).

14Changes to This Policy

We may update this Policy from time to time. When we make material changes, we will:

• Post a prominent notice on our website;
• Send you an email notification to your registered address (where applicable);
• Update the "Last Updated" date at the top of this page.

Your continued use of our website after changes take effect constitutes your acceptance of the updated Policy. If you do not accept the changes, please stop using the website and you may request deletion of your account.