-602x508.png "zenithwaveg")
Company Information: ZENITHWAVEG TECHNOLOGIES INC (Company Registration Number: 20251952423, hereinafter referred to as "we"), Website Domain: zenithwaveg.com (hereinafter referred to as the "Website").
This Privacy Policy explains to you (EU users accessing and using this Website, hereinafter referred to as "you") how we collect, use, store, share, and protect the personal data you generate or provide when using this Website. It also details your rights under the General Data Protection Regulation (GDPR) and how you can exercise them. If you have any questions about this Policy, please contact us using the contact information at the end of this document.
1. Scope of Application
This Privacy Policy applies only to personal data you provide or generate through this Website (including all sub-pages, including the homepage, product display pages, inquiry forms, and order submission pages). It does not apply to the following scenarios: (1) personal data collected through third-party platforms (such as social media links or partner websites); and (2) personal data collected through offline channels (such as telephone conversations) (the relevant data processing rules will be disclosed separately).
2. Types of Personal Data We Collect and How We Collect It
We always adhere to the "minimum necessary" principle and only collect personal data required for legitimate business purposes. The specific categories and collection methods are as follows:
2.1. Personal Data You Provide
When using certain features of this website, you may be required to submit the following personal data:
Basic Identity and Contact Information: When you submit an inquiry form, register as a member, or place an order for luggage products, you will be required to provide your name, email address (your email address will be used for business communications; our business email address is [email protected]), phone number, and shipping address (if product delivery is required);
Corporate Partnership Information: If you are collaborating with us on behalf of a company, you will be required to provide information such as your company name, company registration number, and your position within the company to ensure compliance with the cooperation process;
Feedback and Communication Data: When you send a message, complaint, or suggestion through the "Contact Us" section of this website, we will collect your communication content and any attachments (if any) for follow-up processing. 2.2. Personal Data We Collect Automatically
When you visit this website, our servers and related technical tools automatically record the following data without your active action:
Device and access data: This includes your device model, operating system version, browser type, IP address (anonymized to prevent direct link to personal identity), access time, pages visited, duration on pages, click paths, etc.;
Cookies and similar technical data: This website uses cookies (small text files) to store your preferences, such as language selection and page display mode, to enhance your accessibility. You can disable cookies through your browser settings, but this may result in some website features (such as maintaining member login status) not functioning properly.
3. Purposes and Legal Basis for Processing Personal Data
According to GDPR requirements, we must have a lawful basis for processing your personal data. The legal basis for each processing purpose is as follows:
Responding to inquiries and processing orders: To fulfill our contractual obligations with you (pursuant to Article 6(1)(b) of the GDPR), we use your personal data to respond to inquiries, confirm order information, arrange product delivery, and provide after-sales support to ensure that you can enjoy the services provided by this website. Notifications: If you have explicitly consented to receiving updates on this website (e.g., new product releases, special offers), we will, based on your consent (in accordance with Article 6(1)(a) of the GDPR), send you relevant information via the email address or other contact information you have provided. If you subsequently withdraw your consent, we will immediately stop sending these notifications.
Optimizing the website and services: To pursue our legitimate business interests (in accordance with Article 6(1)(f) of the GDPR, and without prejudice to your fundamental rights and freedoms), we analyze automatically collected access data to adjust the website layout, fix technical glitches, optimize the user experience, and improve the quality and efficiency of our services.
Compliance with laws and regulations: To fulfill our legal obligations (in accordance with Article 6(1)(c) of the GDPR), we maintain transaction records for tax audits and to cooperate with regulatory authorities in compliance investigations, as required by EU and Member State laws, to ensure that our business operations are legal and compliant. Protecting Legal Rights and Interests: When handling complaints, preventing fraud, and other situations, we may use relevant personal data to verify information and maintain normal business operations to protect your or others' legal rights (in accordance with Article 6(1)(d) of the GDPR).
4. Sharing and Transfer of Personal Data
We strictly limit the scope of personal data sharing and promise not to sell your personal data to any third party. We will only share or transfer your personal data in the following necessary circumstances, and we will implement security measures to ensure data security:
Sharing with Partner Service Providers: To facilitate order processing, logistics delivery, and payment settlement, we may share your name, shipping address, and order information with third-party logistics providers (such as DHL and FedEx) and payment institutions (such as PayPal). We may also share your email address with third-party email service providers to send order confirmation emails. These third parties may only use your data to provide services to us and may not use it for other purposes. They must comply with the security requirements agreed upon with us.
Providing personal data in accordance with regulatory and legal requirements: When EU or member state regulators (such as data protection authorities) or courts request personal data in accordance with legal requirements, we will cooperate after verifying the legal basis to ensure compliance with legal requirements.
Transfers in Mergers, Acquisitions, and Restructuring: If we undergo a merger, demerger, acquisition, or asset transfer, your personal data may be transferred to the new entity as part of our corporate assets. We will notify you prior to any transfer and ensure that the new entity continues to comply with this Privacy Policy and the GDPR to protect your rights.
Compliance measures for cross-border data transfers: If your personal data needs to be transferred to a country or region outside the European Economic Area (EEA), we will implement the following compliance measures: first, transfer to a country recognized by the GDPR as "adequacy" (such as Iceland or Liechtenstein); second, enter into "Standard Data Protection Clauses" (SCCs) approved by the European Commission with the recipient; and third, confirm that the recipient has obtained "Privacy Shield" certification (if applicable) to ensure that cross-border data transfers comply with GDPR requirements.
5. Cookie Usage
This website uses cookies primarily to enhance your browsing experience. The uses and management of different types of cookies are as follows:
Necessary Cookies: These cookies are used to ensure the normal operation of basic website functions, such as maintaining member logins and storing order information. They cannot be disabled. If disabled, you will not be able to use core website functions (such as submitting orders and accessing your profile).
Functional Cookies: These cookies are used to record your preferences, such as language, font size, and frequently visited pages, to provide a more personalized browsing experience. You can disable these cookies through your browser settings; the website will still function properly, but your personalized experience will be affected.
Analytical Cookies: These cookies are provided by third-party analytics tools (such as Google Analytics) to measure website visits and user behavior (such as visits to popular product pages), helping us optimize website performance and adjust product display strategies. You can disable these cookies through the tool's official website or your browser settings without affecting website functionality.
Cookie Management: You can view, enable, or disable cookies in your browser's "Settings > Privacy & Security" section (the path varies slightly between browsers; for example, in Chrome, you can manage cookies in "Settings > Privacy & Security > Site Settings > Cookies and Site Data"). We recommend regularly reviewing your browser settings and adjusting cookie permissions as needed.
6. Storage Period of Personal Data
We will only store your personal data for as long as necessary to fulfill the purposes described in this Privacy Policy. The specific storage period depends on the type of data and the purpose of the processing. After this period, the data will be deleted or anonymized (so that it cannot be linked to an individual):
Personal data used for order processing and after-sales support (such as name, address, and order history): After the order is completed and after-sales support ends, we will retain it until the expiration of the retroactive period stipulated by relevant EU tax laws (usually 5-7 years) to meet tax audit requirements;
Personal data used for consultations (such as message content and email address): We will retain it for one year after the completion of the consultation. If you subsequently initiate a consultation, the storage period will be reset to ensure that historical communication records can be connected;
Anonymized data used for user behavior analysis (such as anonymized IP addresses and access paths): We will retain it for two years. After this period, the original data will be deleted, and only aggregated statistical information (excluding personally identifiable information) will be retained.
If you request the deletion of your personal data or withdraw your consent, we will promptly delete the relevant data after verifying your identity (unless required to retain it by law or regulation) and provide you with feedback on the results of the process.
7. Your Rights Under the GDPR
As a personal data subject, you have the following rights under the law. We will provide necessary assistance to you in exercising your rights without unreasonable charge:
Right to Information: You have the right to be informed of the types of personal data we collect, the purposes for processing, storage periods, sharing relationships, data security measures, and other information (this is detailed in this Privacy Policy. If you have further questions, please contact us at any time).
Right to Access: You have the right to request a copy of your personal data to verify its accuracy and completeness. We will respond to your request within one month of receiving it. In complex cases (e.g., large amounts of data), this period may be extended to three months. We will promptly notify you of any such extension.
Right to Correction: If you discover an error in your stored personal data (e.g., a misspelling of your name, a change of address, or an update to your contact information), you have the right to request that we promptly correct it. We will verify the information and promptly make the correction and notify you of the results. Right to Erasure (Right to Be Forgotten): You have the right to request that we delete your personal data in the following circumstances: (1) the purpose for processing has been achieved and further storage is unnecessary; (2) you withdraw your consent and there is no other lawful basis for processing; (3) you object to the processing and there is no overriding public interest need; (4) the processing violates the GDPR or other applicable laws. We will promptly delete the data after verification and confirm that deletion has been completed.
Right to Restrict Processing: If you dispute the accuracy of your personal data, the processing is unlawful, or you need us to retain the data to exercise legal rights (such as to protect your rights), you have the right to request that we restrict the processing (e.g., suspend use for marketing purposes, stop sharing with third parties) until the relevant issue is resolved.
Right to Data Portability: You have the right to request that we provide you with your personal data in a structured, machine-readable format (e.g., a CSV file) or transfer it directly to another data controller designated by you. This right only applies to data processed based on your consent or contractual obligations, ensuring that you have control over your personal data.
Right to Object: If we process your personal data based on "legitimate interests" (e.g., for marketing or user behavior analysis), you have the right to object at any time. We will cease processing your data upon receiving an objection, unless we can demonstrate a legitimate interest that overrides your rights (such as a need to maintain normal business operations), and we will provide you with the reasons.
Right to Withdraw Consent: If you have previously consented to our processing of your personal data (e.g., to receive marketing emails or use personalized recommendations), you have the right to withdraw your consent at any time. Withdrawing consent does not affect any legitimate processing based on consent prior to withdrawal, and we will immediately cease any subsequent processing based on that consent.
How to Exercise Your Rights: You can send us a written request using the "Contact Us" section at the end of this document (providing valid identification, such as a copy of your ID card or passport, so we can verify your identity), clearly stating the rights you wish to exercise and the relevant request. If you believe our processing of your personal data violates the GDPR, you have the right to lodge a complaint with the EU data protection authority (DPA) in your member state to protect your legal rights.
8. Personal Data Security Measures
We prioritize the security of your personal data and implement stringent technical and administrative measures to prevent risks such as data leakage, loss, misuse, and unauthorized access:
Technical Security Measures: We use SSL/TLS encryption technology to protect the data you submit on our website and ensure the security of data during transmission. We deploy firewalls and intrusion detection systems to prevent unauthorized system access. We regularly scan and update our servers and databases for security vulnerabilities to address potential security vulnerabilities. We encrypt and store sensitive data (such as payment information) to reduce the risk of data leakage.
Administrative Security Measures: We strictly limit access to personal data to employees, authorizing only those in essential positions (such as customer service and order processing) and requiring identity verification (e.g., account and password, permissions approval). We provide GDPR and data security training to relevant employees to ensure they understand data protection requirements and operational standards. We have developed a data security incident contingency plan. In the event of a data breach, we will notify affected individuals and the relevant data protection authorities (if necessary) within 72 hours and implement remedial measures to mitigate the impact. Third-Party Supervision and Management: We require our third-party service providers (such as logistics, payment, and email providers) to implement the same level of security measures as we do and sign data security agreements that clearly define the responsibilities of both parties. We regularly review third-party data processing compliance. If any security risks are discovered, we will require them to rectify the situation within a specified period and, if necessary, terminate our partnership.
Please note that Internet transmission carries certain security risks, and we cannot guarantee the absolute security of data transmission. We recommend that you take security measures when using this website, such as setting a complex and unique password, not disclosing account information to others, and changing your password regularly, to help protect your personal data.
9. Data Protection for Minors
This website is primarily intended for adults and does not actively collect personal data from minors under the age of 16. If minors wish to use this website, they must do so with the consent and guidance of their guardian, who will assist them in providing personal data. Guardians are responsible for the processing of the minor's personal data. If we discover that we have collected personal data from a minor without their guardian's consent, we will immediately cease data processing and delete the relevant data. If a guardian discovers that a minor has used this website and provided personal data without their consent, they may contact us to request deletion, and we will promptly process the request after verification.
10. Privacy Policy Updates and Notifications
We may revise this Privacy Policy based on changes in EU laws and regulations, adjustments to this website's operations (such as new features), or user needs. The revised Privacy Policy will be prominently displayed on this website's homepage (e.g., the "Privacy Policy" section at the bottom), along with the new effective date, to ensure timely review.
If a revision affects your core rights (such as an expansion of the scope of data collection, a change in data sharing targets, or an extension of the storage period), we will notify you via your registered email address or display a pop-up window when you visit the website to remind you to review the updated content. Your continued use of this website constitutes your agreement to the revised Privacy Policy. If you disagree, you may cease using this website and contact us regarding the processing of the relevant data.
11. Contact Information
If you have any questions about this Privacy Policy, wish to exercise your personal data rights, or have a complaint regarding data processing, please contact us through the following methods. We will respond within 1-2 business days:
Company Name: ZENITHWAVEG TECHNOLOGIES INC
Company Registration Number: 20251952423
Official Website: zenithwaveg.com
Business Email: [email protected] (We recommend email communication for easy record keeping)