-589x544.png "vtxayz")
VERTEXAYZ CO., LTD takes your privacy seriously. This Privacy Policy is prepared in accordance with the EU General Data Protection Regulation (GDPR) and other relevant regulations to clearly explain our practices regarding the processing of personal data of EU users and to ensure your rights are fully protected.
1. Scope of Application
This Privacy Policy applies to the collection, storage, use, transfer, and other processing of personal data of EU residents by VERTEXAYZ CO., LTD in the course of its business activities within the EU. Whether you browse product information on our website vtxayz.com, communicate with us via email at [email protected], or purchase one of our mugs, the processing of your personal data is governed by this Privacy Policy.
2. Definitions
Personal Data: refers to any information that can directly or indirectly identify a natural person, such as name, address, contact information, purchase history, etc.
Sensitive Personal Data: This includes information related to race, political opinions, religious beliefs, health data, and biometric data, and is subject to stricter regulations for its processing.
Data Controller: VERTEXAYZ CO., LTD., as the data controller, determines the purposes and means of processing personal data.
Data Processing: This includes any operations involving personal data, including collection, recording, organization, structuring, storage, adaptation, retrieval, use, disclosure, transmission, and dissemination.
Personal Data Collection and Use
Types of Information Collected
Basic Information: When you connect with us, such as registering an account, inquiring about products, or placing an order, we collect your name, email address, phone number, shipping address, and other information to provide you with services, process your order, and provide after-sales support.
Transaction Information: Purchase records include the mug style, quantity, payment amount, payment method, and order date you purchased. This information is used for financial settlement, order management, and analyzing purchasing preferences to optimize our products and services.
Browsing Information: We collect information about your browsing behavior on vtxayz.com through technical means (such as cookies), including pages visited, browsing time, and links clicked, to improve your website experience and provide personalized product recommendations.
3. Purpose of Use
Performing Contractual Obligations: Fulfilling your mug order, including shipping, returns, exchanges, and after-sales support.
Providing Services and Communication: Responding to your inquiries and feedback, and sending you order status updates, product information, promotions, and other information, provided you have consented to receive such marketing communications.
Optimizing Products and Services: Analyzing collected data to understand user needs and market trends, improving mug design, functionality, and quality, and enhancing website performance and user experience.
Complying with Legal Obligations: Retaining necessary data as required by law, and cooperating with regulatory agencies in investigations, audits, and other compliance activities.
4. Legal Basis
Consent: When processing certain personal data that is not necessary for service enhancement (such as personalized marketing), we will obtain your explicit consent in advance. You may withdraw your consent at any time, and such withdrawal will not affect processing based on consent prior to withdrawal.
Performance of Contract: Collecting and processing personal data necessary to perform the purchase contract with you.
Legitimate Interests: Processing data for our legitimate business interests, such as data analysis to optimize operations, without prejudice to your rights. Legal Requirements: Data processing is carried out in accordance with EU and Member State laws and regulations.
Storage and Security of Personal Data
5. Storage Period
Generally, we store your personal data for the minimum period necessary to achieve the processing purpose. For example, after an order is completed, relevant transaction data will be retained for 10 years to meet financial and tax compliance requirements.
If you maintain an ongoing business relationship with us, the relevant data will be retained for the duration of the relationship and will be retained or deleted after the relationship ends, as specified.
6. Security Measures
Technical Measures: We use industry-standard encryption technologies (such as SSL/TLS) to protect data transmission security, encrypt stored data, restrict access rights, and regularly update systems and software to prevent cyberattacks and data breaches.
Organizational Measures: We have established strict data security policies and procedures, provide employee data protection training, clearly define the data processing responsibilities and authorities of each position, and conduct regular security audits and vulnerability detection.
7. Rights of Personal Data Subjects
Right to Information
We will clearly and transparently inform you of the relevant information regarding the processing of your personal data, including the purpose and method of processing, storage period, and data sharing partners. This information is available through this Privacy Policy and related notices. Right of Access
You have the right to request a copy of your processed personal data and details of the processing at any time. We will respond and provide it within a specified timeframe (usually no more than 2 business days).
Right to Correction
If you discover that the personal data we hold about you is inaccurate or incomplete, you have the right to request its correction. We will verify and update the data promptly.
Right to Erasure (Right to Be Forgotten)
Under certain conditions, such as when the purpose of processing has been achieved, you have withdrawn your consent and there is no other legal basis for processing, or the processing violates a law, you have the right to request the erasure of your personal data. We will delete it as soon as possible, unless we are required to retain it by law.
Right to Restrict Processing
In certain circumstances, such as during a dispute regarding the accuracy of the data, you may request that we restrict the processing of your personal data. We will do so and retain only the necessary data.
Right to Portability
You have the right to obtain your personal data in a structured, commonly used, machine-readable format and to transfer it to another data controller without hindrance, where technically feasible. Right to Object
You have the right to object to data processing based on legitimate interests or public interest, based on legitimate grounds. We will assess your objection and, if upheld, cease the processing. You may object to data processing for direct marketing purposes at any time, and we will immediately cease such marketing activities.
8. Children's Rights
When processing the personal data of children under the age of 16 (or a lower age in some Member States, subject to local law), we only do so with the consent of their parents or legal guardians and implement additional safeguards, such as providing information in a child-friendly format.
9. Sharing and Transfer of Personal Data
Internal Sharing
For business operations, we may share your personal data within our company, such as sales, customer service, logistics, and finance, to ensure consistent service delivery.
External Sharing
Partners: We share necessary personal data with third-party partners who assist us in conducting our business (such as logistics providers, payment service providers, and marketing services agencies), provided they adhere to strict confidentiality and data protection obligations and that sharing is limited to the extent necessary to perform our collaborative roles. Legal Requirements: We may disclose personal data to law enforcement or regulatory authorities where required by law, such as in response to a court order or a government investigation.
Cross-border Transfers
When transferring personal data from within the EU to countries or regions outside the EU, we will ensure that the recipient has an adequate level of data protection, such as through standard contractual clauses or certification mechanisms recognized by the European Commission.
10. Data Protection Officer and Complaints
Data Protection Officer
We have designated a Data Protection Officer (DPO) to oversee our data protection compliance efforts. You may contact the DPO at [Contact Details] with any questions or suggestions regarding data protection.
Complaints
If you have any questions, complaints, or concerns regarding our processing of personal data, please contact us at [email protected]. We will promptly address and respond to your concerns. If you are dissatisfied with our handling of your personal data, you may lodge a complaint with the data protection supervisory authority in an EU member state.
Updates to Terms
We may update this Privacy Policy from time to time based on changes in laws and regulations, business adjustments, and other factors. Updates will be posted on vtxayz.com. Significant changes will be notified via email or other means. We recommend that you review these Terms regularly to stay updated on the latest privacy policies.