Privacy Policy for shinbeijing.com

1. Introduction

At shinbeijing.com (“we”, “our”, or “us”), we are firmly committed to safeguarding your privacy and ensuring the security of your personal data. This Privacy Policy outlines how we collect, use, share, and protect personal information that you provide when interacting with our website. We honor the principles of data minimization, security, and transparency in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

2. Scope and Data Controller Role

This Privacy Policy applies to the use of our website, shinbeijing.com, and all online activities, products, and services we deliver. shinbeijing.com acts as the Data Controller for personal data collected. As the Data Controller, we determine the purposes and means of processing your personal data in compliance with relevant privacy laws.

3. Categories of Data We Process

We may collect and process the following categories of personal data:

a. Usage Data
Includes information about how you use shinbeijing.com, such as your IP address, browser type and version, device identifiers, geographic location, referring URLs, pages visited, session duration, and time-stamps.

b. Account Data
Includes information provided when creating or managing an account, such as your full name, postal address, email address, and phone number.

c. Profile Data
Includes your preferences, browsing behavior, purchase history, account settings, and personalization choices.

d. Communication Data
Includes records of your interactions with us, such as support inquiries, feedback submissions, and email correspondence.

e. Technical Data
Includes device information (e.g., model, operating system), system settings, browser plug-ins, and configuration details.

f. Transaction Data
Includes order details, billing and shipping addresses, payment confirmations, and transaction history.

g. Preference Data
Includes data regarding your marketing choices, communication preferences, and expressed interests in particular products or services.

4. Legal Bases for Processing

We collect and process your personal data based on the following legal grounds:

– Consent: When you affirmatively agree to our use of your data, for example in subscribing to our newsletter or accepting optional cookies.
– Contractual Necessity: When processing is required to fulfill terms of service or deliver our products and services to you.
– Legal Obligation: When we are required to process your data to comply with applicable laws and regulations.
– Legitimate Interests: When processing is necessary for the purposes of our legitimate business interests, such as in maintaining security or improving website functionality, provided that those interests are not overridden by your fundamental rights and freedoms.

5. Your Rights

Depending on your location, particularly if you are located in the European Union or California, you may exercise the following rights regarding your personal data:

– Right to Access: You can request to view the personal data we hold about you.
– Right to Rectification: You may request correction of inaccurate or incomplete data.
– Right to Erasure: You may request deletion of your data where permitted by law.
– Right to Restriction: You have the right to limit processing where applicable.
– Right to Data Portability: You can request a transfer of your data to another party in a readable format.
– Right to Object: You may object to the processing of your data for particular reasons including direct marketing.
– Right to Non-Discrimination: Under CCPA, you have the right to equal service and price even if you exercise your privacy rights.

To exercise any of these rights, please contact us at [email protected].

6. Security Measures

We implement robust administrative, technical, and physical safeguards to protect your personal information. These measures include but are not limited to:

– End-to-end encryption of sensitive data during transmission and at rest.
– Role-based access controls to limit data access to authorized personnel.
– Regular data backups and disaster recovery protocols.
– Staff training on data protection and information security best practices.

7. International Data Transfers

Your data may be processed or stored outside your country of residence, including in jurisdictions that may not provide the same level of data protection. In such cases, we ensure that appropriate safeguards are implemented, including the use of Standard Contractual Clauses approved by the European Commission and compliance with other regional legal requirements.

8. Data Retention

We retain personal data only for as long as necessary for lawful purposes, including to provide our services, comply with legal obligations, resolve disputes, or enforce our agreements. Specific retention periods are as follows:

– Usage Data: 12 months
– Account and Profile Data: Retained for the duration of account activity plus 24 months post-deactivation
– Communication Data: Retained for 36 months
– Transaction Data: Retained for 7 years to meet financial compliance obligations
– Preference Data: Retained until withdrawn or updated by user

9. Cookie Policy

Our website uses cookies and similar tracking technologies for the following purposes:

– Essential Cookies: Necessary for core website functionality (e.g., remembering login sessions).
– Functional Cookies: Enhance your experience (e.g., remembering settings and preferences).
– Analytics Cookies: Help us understand site usage through aggregated data.
– Performance Cookies: Support load balancing and page rendering across devices.

Cookies are not used to construct personal profiles without your consent.

10. Cookie Management and Compliance

You have the right to manage your cookie preferences at any time by adjusting settings on our site or within your browser. Upon your first visit to shinbeijing.com, we prompt you with a cookie consent banner in compliance with GDPR and CCPA requirements. You can choose to accept all cookies, reject non-essential ones, or manage preferences.

11. Children’s Privacy

Our services are not directed to children under the age of 13, and we do not knowingly collect personal data from minors. If you are a parent or guardian and believe we may have collected data from a child under 13, please contact us immediately at [email protected], and we will take appropriate steps to remove the information.

12. Policy Updates

We may revise this Privacy Policy from time to time to reflect changes in our practices or for legal compliance. Substantive updates will be communicated via our website or, if appropriate, directly to you via email or account notification. Continued use of shinbeijing.com constitutes your acceptance of the updated policy.

13. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact our Privacy Manager at:

Email: [email protected]

We are committed to fully complying with applicable privacy regulations and addressing your concerns promptly and transparently.