Privacy Policy

We strictly abide by global data protection laws and industry privacy norms, adhere to the principle of voluntary provision, necessary collection and minimal acquisition, and only collect user personal information that is directly related to order transaction, logistics delivery and after-sales service. The collected information mainly includes basic identity information such as recipient name, contact number, delivery address generated during order placement; payment verification information associated with transaction payment; website browsing track, product browsing preference and operation behavior data used for platform experience optimization. We will never actively collect sensitive personal information including identity certificate number, biological characteristic information, private health data and irrelevant personal privacy content. All information collection behaviors are open and transparent, and users can clearly know the content and purpose of information collection during website access and order operation. We do not collect any personal data of minor users intentionally, and if we accidentally obtain minor information due to passive access, we will take immediate encryption and permanent deletion measures in accordance with privacy protection regulations.

The personal information we collect is only limited to internal use within the platform operation scope, and will only be used for order processing, logistics distribution, after-sales service handling, customer demand response, website function optimization and product recommendation matching. We use anonymous processing technology for user browsing behavior data, strip all personal identity markers, and only conduct statistical analysis and market demand research in the form of overall data to optimize product selection, page layout and promotional activity setting. User contact information will only be used for order logistics notification, after-sales progress reminder and official service reply, and will not be used for commercial advertising harassment, irrelevant marketing push and unauthorized information dissemination. We strictly limit the internal access authority of user personal information, only authorize designated operation and customer service personnel to access necessary information, and establish internal information operation norms to prevent internal information leakage and unauthorized use.

We will never sell, lease, transfer or commercially trade user personal information to any third-party commercial institutions, marketing companies and irrelevant organizations without the explicit written authorization of users. Under the premise of complying with privacy protection laws, we may provide necessary information sharing with logistics service providers, payment institutions and official regulatory agencies that are indispensable for order execution, and the shared information is only limited to the minimum content required for business processing. We will sign strict privacy confidentiality agreements with all cooperative third-party institutions, constrain their information use behavior by legal contracts, and require them to abide by the same data protection standards as ours. In case of being required to disclose user information by legal procedures, judicial investigation and official regulatory orders, we will disclose relevant information in accordance with legal provisions and formal procedures, and notify users of the information disclosure behavior within a reasonable time limit as permitted by law.

We adopt industry-leading end-to-end encryption technology, firewall protection system and data isolation storage architecture to fully protect user personal information and transaction data from leakage, tampering, theft and unauthorized access. All user data is stored in encrypted professional cloud servers, with regular data backup, security vulnerability detection and system risk assessment carried out all year round. We establish a complete data security emergency response mechanism. Once potential data security risks such as system intrusion and information leakage are detected, we will immediately start emergency isolation, risk investigation and data repair work, and take the initiative to inform affected users of risk situations and protective measures. We regularly organize internal staff privacy and data security training, standardize staff operation behavior, clarify information protection responsibilities, and establish a perfect accountability mechanism for information security violations to ensure the implementation of all protection measures from system technology and management norms.

Users enjoy the independent right to inquire, view, modify, supplement and delete their personal stored information at any time. Users can manage their address information, contact methods and account related data independently through personal center settings. For unnecessary historical order data and invalid personal information, users can apply for permanent deletion through official service channels. Users have the right to refuse to accept personalized push and marketing message notifications, and can turn off relevant message receiving permissions by themselves. If users think that their personal information is improperly used, leaked or infringed, they can submit privacy complaint feedback through official channels, and we will complete the investigation, processing and result reply within a specified time limit. We fully respect and protect users' autonomous control right over personal privacy, and provide convenient operation channels and official service support for the exercise of all privacy rights.

We only retain user personal information within the time limit required for business operation and legal compliance. After the order is completed, the after-sales service period expires and the legal dispute limitation period ends, we will automatically and permanently delete or anonymize the user's personal information that is no longer needed. For data stored in cloud servers, we adopt irreversible destruction technology to ensure that the information cannot be recovered and retrieved in any way. We will not retain user historical data for indefinite period for commercial use. For users who cancel account registration, we will clear all account bound personal information, order records and browsing data in real time, and complete permanent data destruction. We formulate standardized data retention time standards for different types of information, regularly sort out invalid data, and maintain the lean and safe state of user data storage all the time.