Chapter I – General Provisions
Article 1 – Purpose and Legal Basis
In order to protect the security and lawful rights and interests of users’ personal information on this e-commerce platform (hereinafter referred to as the “Platform”), regulate the Platform’s practices in the collection, use, storage, sharing, transfer, and public disclosure of personal information, and create a safe and trustworthy online transaction environment, this Policy is formulated in accordance with applicable laws and regulations, including but not limited to the Personal Information Protection Law, Data Security Law, Cybersecurity Law, E-commerce Law, and relevant industry standards.
Article 2 – Scope of Application
This Policy applies to all users who access, register for, or use the services of the Platform, as well as all activities involving the processing of users’ personal information during the operation of the Platform.
Affiliated companies and partners of the Platform (such as logistics providers and payment institutions) that process users’ personal information in connection with the Platform’s services shall also comply with the principles and requirements of this Policy.
Article 3 – Definitions
- Personal Information
Refers to any information recorded electronically or by other means that can identify a specific natural person, either alone or in combination with other information, or reflect the activities of a natural person. This includes but is not limited to name, identification number, contact information, shipping address, bank account information, transaction records, browsing history, IP address, and device information. - Sensitive Personal Information
Refers to personal information that, if leaked, illegally provided, or misused, may endanger personal or property safety, or cause damage to reputation or physical and mental health. This includes identification numbers, bank account information, precise location data, etc. Such information is subject to stricter protection measures. - Anonymized Information
Refers to information that has been processed so that it cannot identify a specific natural person and cannot be restored. The use of anonymized information is not subject to this Policy.
Article 4 – Basic Principles
- Legality, Legitimacy, and Necessity
The Platform collects and uses personal information only within the scope permitted by laws and regulations, for clear and specific service purposes, and limited to the minimum necessary to achieve such purposes. - Openness and Transparency
The Platform informs users of personal information processing rules in a clear and understandable manner and promptly discloses any updates or changes to this Policy. - Security Protection
The Platform adopts industry-standard technical and management measures to prevent unauthorized access, use, disclosure, alteration, or destruction of users’ personal information. - User Autonomy
Users have the right to access, correct, and delete their personal information, to withdraw consent for information collection and use, and to be informed of and control the processing of their personal information.
Chapter II – Collection and Use of Information
Article 5 – Scope and Methods of Collection
- Necessary Information
To provide core services such as user registration, product transactions, payment processing, and logistics delivery, the Platform collects necessary personal information, including name, mobile phone number, and shipping address. Refusal to provide such information may result in the inability to use core services. - Non-necessary Information
To improve service quality and user experience (such as personalized recommendations and marketing activities), the Platform may collect non-necessary personal information, including interest preferences, browsing and search records, and device models, only with the user’s explicit consent. Users may choose whether to provide such information without affecting basic services. - Methods of Collection
Personal information is collected through user input, interaction behaviors (such as browsing, purchasing, and reviews), and automatic generation by devices (such as IP address and browser type). The Platform clearly informs users of the purpose and method of each type of information collected.
Article 6 – Rules for Use
- Purposes of Use
Personal information is used strictly for the purposes stated in this Policy, including but not limited to:
- Account registration, login, and management
- Order processing, product or service delivery, payment settlement, and logistics
- Business communications such as order confirmation, delivery notifications, and after-sales services
- Ensuring transaction security and preventing fraud and cybersecurity risks
- Providing personalized recommendations, marketing information, and market research based on user authorization
- Improving platform services and user experience
- Other purposes permitted or required by laws and regulations
- Account registration, login, and management
- Use Restrictions
Without the user’s explicit consent or legal authorization, the Platform shall not use personal information for purposes unrelated to those stated. Any change in purpose due to business development will be notified in advance and require renewed user consent.
Chapter III – Storage and Protection of Information
Article 7 – Storage Standards
- Retention Period
Personal information is stored only for the minimum period necessary to achieve service purposes. After the retention period, information will be anonymized or securely deleted, unless otherwise required by law or for legal obligations or dispute resolution. - Storage Location
Personal information is generally stored on servers located within the applicable jurisdiction. If cross-border storage is required, the Platform will comply with legal requirements such as security assessments and standard contractual arrangements.
Article 8 – Security Measures
- Technical Measures
Encryption is used for sensitive information during storage and transmission; access control mechanisms limit internal access; regular vulnerability scans and penetration tests are conducted; and security monitoring systems are deployed to prevent unauthorized access. - Management Measures
The Platform establishes sound information security management systems, conducts privacy and security training for employees, requires confidentiality agreements, and audits information processing activities. - Incident Response
Emergency response plans are established for data breaches or loss. In the event of a security incident, remedial actions will be taken immediately and notifications will be made to users and regulatory authorities in accordance with the law.
Chapter IV – Sharing, Transfer, and Public Disclosure
Article 9 – Information Sharing
The Platform does not share users’ personal information with third parties without explicit user consent, except in the following circumstances:
- When necessary to complete transactions or provide services, information may be shared with partners (such as logistics and payment providers) under strict contractual obligations.
- When required by laws, regulations, or lawful requests from judicial or administrative authorities.
- When necessary to protect the legitimate rights and interests of the Platform, users, or the public.
- When information has been anonymized or de-identified.
Article 10 – Information Transfer
In the event of mergers, divisions, acquisitions, restructuring, or bankruptcy liquidation, personal information may be transferred as part of assets. Users will be notified in advance, and the transferee will be required to continue fulfilling privacy obligations. Any change in purpose or method requires renewed user consent.
Article 11 – Public Disclosure
Personal information is not publicly disclosed unless explicitly authorized by the user or required by law or public interest, with reasonable measures taken to protect privacy.
Chapter V – User Rights
Article 12 – Right of Access and Copy
Users may access or copy their personal information and order records through their accounts or request assistance from customer service after identity verification.
Article 13 – Right of Correction and Deletion
Users may request correction or deletion of inaccurate or unnecessary personal information. If immediate deletion is not possible due to technical or legal reasons, the Platform will cease use and complete deletion or anonymization within a reasonable period.
Article 14 – Withdrawal of Consent and Account Cancellation
Users may withdraw consent for non-necessary information at any time and may apply to cancel their accounts through published procedures. The Platform shall not impose unreasonable conditions.
Chapter VI – Protection of Minors
Article 15 – Special Protection
The Platform does not actively collect personal information from minors under the age of 14. If minors use the Platform, guardian consent is required. Personal information of minors is subject to special protection.
Chapter VII – Amendments and Notifications
Article 16 – Policy Changes
This Policy may be updated due to legal or business changes. Updates will be notified through prominent methods and take effect upon user consent where required.
Article 17 – Effectiveness of Notice
Continued use of the Platform constitutes acceptance of the updated Policy.
Chapter VIII – Dispute Resolution and Liability
Article 18 – Dispute Resolution
Disputes shall be resolved through negotiation or litigation in the competent court at the Platform’s location.
Article 19 – Legal Liability
Violations of this Policy may result in civil, administrative, or criminal liability.
Chapter IX – Supplementary Provisions
Article 20 – Contact Information
For privacy-related inquiries or complaints, please contact:
- Customer Service Hotline: ___________
- Customer Service Email: ___________
- Contact Address: ___________
Article 21 – Effective Date
This Policy shall take effect on ___ / ___ / _____.
(Note: Portions of this document may have been generated with the assistance of AI.)