Privacy Policy

1. Scope and Application

This Privacy Policy applies to all personal information collected through our website, during the course of our business relationships, through service provision, and through any other interactions with Changchun Weishen Commerce And Trade Co., Ltd. It covers information collected online and offline, including information provided through email communications, phone calls, meetings, and submitted forms.

This policy applies to all visitors, clients, prospective clients, business partners, job applicants, and any other individuals who interact with our organization. By accessing our website or using our services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with any part of this policy, please discontinue use of our services and website immediately.

2. Information We Collect

We may collect the following categories of personal information:

• Contact Information: Full name, email address, phone number, company name, job title, billing address, and shipping address.
• Account Information: Username, password, account preferences, and account activity logs if you register for an account on our platform.
• Communication Data: Records of correspondence with us, including emails, chat messages, phone recordings (with consent where required), and support tickets.
• Technical Information: IP address, browser type and version, operating system, device type, screen resolution, language preferences, referring URLs, and browsing behavior on our website.
• Usage Data: Pages viewed, time spent on pages, click patterns, download history, feature usage, and interaction data collected through analytics tools.
• Project Information: Technical requirements, system specifications, project documentation, and other information shared in connection with our services that may contain personal data.
• Financial Information: Billing details, payment method information (processed through secure third-party payment processors), transaction history, and invoice data.
• Employment Data: If you apply for a position with us, we may collect your resume, work history, educational background, references, and other information relevant to the recruitment process.

3. How We Collect Information

We collect personal information through the following means:

• Direct Interactions: When you fill out forms on our website, subscribe to newsletters, request quotes, contact us via email or phone, enter into contracts, or communicate with our team.
• Automated Technologies: As you navigate our website, we may automatically collect technical data using cookies, server logs, web beacons, and similar technologies. Please see Section 11 for more details about our use of cookies.
• Third-Party Sources: We may receive personal information about you from third parties, including business partners, analytics providers, advertising networks, search information providers, and publicly available sources, to the extent permitted by applicable law.
• Service Delivery: During the course of providing our IT services, we may collect information that you or your organization provide as part of project requirements, system documentation, or technical specifications.

4. Purpose of Data Processing

We process your personal information for the following purposes:

• Service Delivery: To provide, maintain, and improve our IT services, including systems design, software development, network infrastructure, cloud solutions, and consulting services.
• Communication: To respond to your inquiries, send service-related announcements, provide technical support, and communicate about project updates.
• Business Operations: To manage contracts, process payments, handle billing, maintain accounts, and conduct internal business administration.
• Website Improvement: To analyze website usage, understand visitor preferences, enhance user experience, and optimize our online presence.
• Marketing: To send you information about our services, industry insights, newsletters, and event invitations where you have consented or where we have a legitimate interest.
• Legal Compliance: To comply with applicable laws, regulations, legal processes, and governmental requests, including data protection and anti-corruption laws.
• Security: To protect our systems, detect and prevent fraud, ensure network and information security, and maintain the integrity of our IT infrastructure.
• Recruitment: To evaluate job applications, conduct interviews, and manage the hiring process.

5. Legal Basis for Processing

We process personal information based on one or more of the following legal bases, as applicable under relevant data protection laws including the Personal Information Protection Law of the People's Republic of China (PIPL) and the General Data Protection Regulation (GDPR):

• Consent: Where you have given clear consent for us to process your personal information for a specific purpose. You have the right to withdraw consent at any time.
• Contractual Necessity: Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
• Legal Obligation: Where processing is necessary for compliance with a legal obligation to which we are subject.
• Legitimate Interests: Where processing is necessary for our legitimate interests or those of a third party, provided that your interests and fundamental rights do not override those interests. Our legitimate interests include operating our business, providing services, maintaining security, and improving our offerings.
• Vital Interests: Where processing is necessary to protect your vital interests or those of another person, in exceptional circumstances.

6. Data Sharing and Disclosure

We may share your personal information with the following categories of recipients:

• Service Providers: Third-party vendors who perform services on our behalf, such as hosting providers, cloud infrastructure services, payment processors, analytics services, email delivery services, and customer support platforms. These providers are contractually bound to protect your data and use it only for the purposes we specify.
• Business Partners: Trusted business partners with whom we collaborate to deliver services, subject to appropriate data protection agreements.
• Professional Advisors: Lawyers, auditors, accountants, and other professional advisors who provide consultancy services to us, bound by confidentiality obligations.
• Legal and Regulatory Authorities: Government agencies, law enforcement, courts, or regulatory bodies when required by applicable law, legal process, or to protect our legal rights.
• Corporate Transactions: In connection with a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred to the acquiring entity as part of the transaction, subject to continued protection under this Privacy Policy.

We do not sell your personal information to third parties. We do not share your personal information for third-party direct marketing purposes without your explicit consent.

7. International Data Transfers

As a company operating in China that may serve clients internationally, your personal information may be transferred to and processed in countries other than your country of residence. When we transfer personal information across borders, we implement appropriate safeguards, including:

• Standard contractual clauses approved by relevant data protection authorities.
• Binding corporate rules where applicable.
• Data transfer impact assessments to ensure adequate protection.
• Verification that the receiving jurisdiction provides an adequate level of data protection as recognized by relevant authorities.

For transfers of personal information out of China, we comply with the requirements of the Personal Information Protection Law of the People's Republic of China (PIPL), including conducting security assessments, obtaining necessary approvals, and informing you of the transfer arrangements.

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. The retention periods are determined based on the following criteria:

• The duration of our business relationship with you or your organization.
• Legal requirements under applicable laws, including tax, accounting, and data protection laws.
• Statutes of limitation for potential legal claims.
• Guidelines issued by relevant regulatory authorities.
• The necessity of retaining data for our legitimate business purposes, such as fraud prevention and service improvement.

When we no longer need your personal information, we will securely delete or anonymize it. If deletion is not immediately possible due to technical or legal constraints, we will implement appropriate safeguards to prevent further processing until deletion is feasible.

9. Data Security Measures

We implement comprehensive technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption: Data in transit is protected using TLS/SSL encryption. Sensitive data at rest is encrypted using industry-standard algorithms.
• Access Controls: Role-based access controls, multi-factor authentication, and strict authorization protocols to ensure only authorized personnel can access personal data.
• Network Security: Firewalls, intrusion detection and prevention systems, regular vulnerability assessments, and penetration testing.
• Security Policies: Documented information security policies, incident response plans, data breach notification procedures, and regular security awareness training for employees.
• Physical Security: Secure data center facilities with access controls, surveillance, and environmental controls.
• Third-Party Audits: Regular reviews and audits of our security practices and those of our service providers.
• Pseudonymization: Where feasible, we pseudonymize or anonymize personal data to reduce privacy risks.

While we strive to protect your personal information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security but will promptly notify you and relevant authorities in the event of a data breach as required by applicable law.

10. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• Right to Know: You have the right to know what personal information we collect, how it is used, and with whom it is shared.
• Right of Access: You have the right to request a copy of the personal information we hold about you.
• Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal information.
• Right to Erasure: You have the right to request deletion of your personal information, subject to certain legal exceptions.
• Right to Restrict Processing: You have the right to request restriction of processing of your personal information under certain circumstances.
• Right to Data Portability: You have the right to receive your personal information in a structured, commonly used, and machine-readable format and to transmit it to another controller.
• Right to Object: You have the right to object to processing of your personal information for direct marketing purposes or based on our legitimate interests.
• Right to Withdraw Consent: Where processing is based on consent, you have the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
• Right to Lodge a Complaint: You have the right to lodge a complaint with the relevant data protection authority in your jurisdiction.

To exercise any of these rights, please contact us using the information provided in Section 16. We will respond to your request within the timeframe required by applicable law, typically within 30 days. We may request additional information to verify your identity before processing your request.

11. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and understand where our visitors come from. Cookies are small text files stored on your device by your web browser.

Types of cookies we use:

• Essential Cookies: Necessary for the basic functioning of our website, such as maintaining session state and security. These cannot be disabled.
• Functional Cookies: Enable enhanced functionality and personalization, such as remembering your language preferences.
• Analytics Cookies: Help us understand how visitors interact with our website by collecting anonymous information about page visits, time spent, and navigation patterns. We use tools such as Google Analytics for this purpose.
• Marketing Cookies: Used to track visitors across websites to display relevant advertisements and measure advertising effectiveness.

Your Cookie Choices: When you first visit our website, you will be presented with a cookie consent banner where you can manage your preferences. You can also configure your browser settings to block or delete cookies. Please note that blocking essential cookies may affect the functionality of our website. For more information about managing cookies, visit www.aboutcookies.org.

12. Third-Party Links and Services

Our website may contain links to third-party websites, plug-ins, and applications that are not owned or controlled by us. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services you interact with. This Privacy Policy applies solely to information collected by our website and services.

13. Children's Privacy

Our services are not intended for individuals under the age of 18 (or the age of majority in their jurisdiction). We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information without verifiable parental consent, we will take steps to delete such information promptly. If you believe that we may have collected personal information from a child, please contact us immediately.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational considerations. When we make material changes, we will notify you by posting the updated policy on our website with a revised "Last Updated" date. For significant changes, we may also provide additional notice through email or a prominent notice on our website. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

15. Compliance with Applicable Laws

This Privacy Policy is designed to comply with applicable data protection and privacy laws, including:

• The Personal Information Protection Law of the People's Republic of China (PIPL).
• The General Data Protection Regulation (GDPR) of the European Union and the United Kingdom, where applicable.
• The California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), as amended, where applicable.
• Other applicable data protection laws in jurisdictions where we operate or serve clients.

To the extent that any provision of this Privacy Policy conflicts with applicable law, the requirements of the applicable law will prevail. For individuals in China, processing of personal information will be conducted in accordance with PIPL requirements, including obligations related to consent, data minimization, purpose limitation, and cross-border data transfer.

16. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Company: Changchun Weishen Commerce And Trade Co., Ltd.
• Address: Room 418-A773, No. 306 Huguang Road South Lane, Chaoyang District, Changchun, Jilin, China
• Email: support@weishen.shop
• Phone: +1 873 382 9567
• Website: www.weishen.shop

We will make every effort to address your concerns promptly and effectively. If you are not satisfied with our response, you have the right to lodge a complaint with the relevant data protection authority in your jurisdiction.