Privacy Policy

Effective Date: January 2024

1. Privacy Commitment and Overview

We take your privacy very seriously. This policy explains how we collect, use, and share your personal data when you visit our website or use our services. As an Amazon Solution Provider, we strictly comply with the Amazon Data Protection Policy (DPP) and applicable data protection laws (such as GDPR, CCPA).

"Personal Data" refers to any information that can directly or indirectly identify, relate to, describe, or be reasonably linked to an individual.

2. Categories of Information We Collect

We follow the "minimum necessary" principle, collecting the following information only through authorized APIs or when you voluntarily provide it:

  • Information Actively Provided: Name, email address, billing and payment details, mailing address, and phone number provided when you create an account, complete forms, or contact support.
  • Information Collected Automatically: When you use our services, we automatically receive technical data from your browser or device, including IP address, device type, operating system, browser type, and page view duration.

3. Security Safeguards

We need to ensure the absolute security of data. While no system is 100% secure, we have adopted industry-leading technical and organizational measures to protect your data:

  • Encryption at Rest: All stored Personally Identifiable Information (PII) is encrypted using the AES-256 standard to ensure that even if physical media is stolen, the data cannot be read.
  • Encryption in Transit: All data transmissions are conducted via TLS 1.2 or higher security protocols.
  • Access Control: We implement Role-Based Access Control (RBAC) and Multi-Factor Authentication (MFA) to ensure that only authorized personnel can access data.

4. Data Governance and Retention

We implement strict classification management for data retention to comply with Amazon DPP requirements:

  • Amazon PII Data: To meet the Amazon Data Protection Policy, all Personally Identifiable Information (PII) related to Amazon orders will be securely deleted or anonymized within 30 days after the order is shipped.
  • Legal and Tax Data: Only where explicitly required by law (such as tax laws), we will retain specific transaction records for a longer period (e.g., 5 years), but access to this data will be strictly restricted.
  • Correction and Deletion: If you inform us that information is inaccurate, we will immediately delete or correct it.

5. Cookies and Tracking Technologies

We use cookie technology and similar tools (such as Pixels) to store data in order to identify you, remember your preference settings, and analyze website traffic. These technologies help us confirm visitor behavior patterns and provide efficient services.

You can block cookies through your browser settings, but this may also result in certain services of this website not functioning properly.

6. Data Sharing and Cross-Border Transfer

We will not sell Amazon data to third parties for marketing purposes. Data is only disclosed in the following circumstances:

  • Compliance with legal obligations (such as law enforcement requests).
  • Service providers assisting in business operations (such as logistics and payment processing), all of whom have signed strict data processing agreements.

If cross-border data transfer occurs, we will conduct it based on safeguards such as Standard Contractual Clauses (SCC) to ensure data security.

7. Incident Response

In response to potential security threats, we have developed a comprehensive incident response plan:

  • If a security breach or data leak involving Amazon information occurs, we will notify the Amazon Security Team (security@amazon.com) within 24 hours of discovery.
  • We will immediately take remedial measures and communicate the investigation results and rectification plans to relevant parties.

8. Your Rights

According to laws such as GDPR/CCPA, you have the right to access, correct, delete, and restrict the processing of your personal data. If you wish to exercise these rights or opt-out of marketing emails, please feel free to contact us.

9. Contact Us

This policy will be reviewed annually and updated according to legal requirements. If you have any questions, please contact our Data Protection Officer.

  • Email: salesadmin@yuhuiltd.co.uk