Privacy Policy
1. Introduction
At Shin Beijing, accessible at shinbeijing.com, we value your privacy and are committed to protecting your personal data. This Privacy Policy outlines how we collect, use, store, and safeguard your information in accordance with applicable privacy laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”). We are dedicated to maintaining transparency and enabling you to retain control over your data.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to visitors, users, and customers of the website shinbeijing.com and governs the processing of personal data collected through our website and associated services.
For the purposes of the GDPR and other relevant laws, Shin Beijing is the “data controller” of the personal data collected from you. This means that we determine the purposes and means of processing your personal information.
3. Categories of Data We Process
We may collect and process the following categories of personal data:
– Usage Data: Information about how you interact with our website, such as browser type, IP address, access times, time zone settings, and pages visited.
– Account Data: Data you provide when you create an account or make a purchase, including your name, email address, postal address, and phone number.
– Profile Data: Details related to your user profile, including preferences, purchase history, and behavioral data.
– Communication Data: Records of correspondence when you contact us, including support requests, inquiries, and message history.
– Technical Data: Information about the devices you use to access our services, such as device identifiers, operating system, and browser settings.
– Transaction Data: Information related to financial transactions, including payment methods, billing details, and shipping addresses.
– Preference Data: Your communication preferences, marketing consents, and expressed interests in our products or services.
4. Legal Bases for Processing
We rely on the following legal bases for processing your personal data:
– Legitimate Interest: To improve our services, protect against fraud, and administer our operations in a secure and efficient way.
– Contractual Necessity: To process data necessary to fulfill a contract with you, including order processing and account management.
– Consent: Where required, we collect and process your data based on explicit and informed consent, particularly for marketing activities and the use of non-essential cookies.
– Legal Obligation: To meet applicable legal requirements, such as tax or regulatory reporting obligations.
5. Your Data Protection Rights
Subject to certain conditions and applicable law, you have the following rights:
– Right of Access: The right to request access to the personal data we process about you.
– Right to Rectification: The right to have inaccurate or incomplete data corrected.
– Right to Erasure: The right to request deletion of your personal data (“right to be forgotten”).
– Right to Restriction: The right to request restriction of data processing under certain circumstances.
– Right to Data Portability: The right to obtain a copy of your personal data in a structured, commonly used, and machine-readable format.
– Right to Object: The right to object to processing based on legitimate interest or direct marketing purposes.
To exercise your rights, please contact us at [email protected].
6. Security Measures
We employ industry-standard security measures to protect your data. These include:
– Encryption of data in transit and at rest using secure protocols
– Access control policies to limit data access to authorized personnel only
– Regular data backups to prevent loss
– Mandatory training on data privacy and security practices for employees
– System monitoring and intrusion detection mechanisms
7. International Data Transfers
If your data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:
– Standard Contractual Clauses approved by the European Commission
– Transfer to jurisdictions that offer an adequate level of data protection as determined by relevant authorities
We comply with regional data protection requirements relevant to the transfer of personal data to and from the United States and other jurisdictions.
8. Data Retention
We retain personal data for only as long as necessary for the purposes for which it was collected, including for satisfying contractual, legal, accounting, or reporting obligations. Data retention periods are as follows:
– Usage Data: Up to 26 months for analytics and performance tracking
– Account Data: Retained for the duration of the account and up to 6 years thereafter
– Transaction Data: Retained for up to 7 years to comply with financial and legal audit requirements
– Communication Data: Retained for up to 3 years from the last contact
– Marketing Preferences: Retained until you withdraw your consent
9. Cookie Policy
We use cookies and similar technologies on shinbeijing.com for various purposes:
– Essential Cookies: Necessary for website functionality, such as navigating pages and accessing secure areas
– Functional Cookies: Enable enhanced functionality and personalization
– Analytics Cookies: Help us understand how visitors interact with the site, such as Google Analytics
– Performance Cookies: Used to improve our website’s speed, design, and usability
10. Cookie Management and GDPR/CCPA Compliance
We provide cookie consent controls in compliance with GDPR and CCPA. Upon visiting our website, you will be presented with a cookie banner allowing you to:
– Accept all cookies
– Reject non-essential cookies
– Customize your cookie preferences
You may also manage your preferences through your browser settings or by contacting us directly at [email protected].
CCPA Notice for California Residents: You have the right to opt out of the sale of your personal data. We do not sell your personal data, and we honor “Do Not Track” and “Global Privacy Control” browser settings.
11. Children’s Privacy
We do not knowingly collect, solicit, or process personal data from children under the age of 13. If we become aware that we have collected such data, we will take steps to promptly delete it. If you are a parent or guardian and believe that we may have inadvertently collected your child’s information, please contact us at [email protected].
12. Updates to This Policy
We may revise this Privacy Policy periodically to reflect changes in law, technology, or our data processing practices. We encourage you to review this page regularly to stay informed of any updates. Where material changes are made, we will notify users via our website or by email where appropriate.
13. Contact Us
For questions, concerns, or to exercise any of your data protection rights, please contact:
Email: [email protected]
Shin Beijing is committed to complying with all applicable privacy laws, including the GDPR and CCPA. If you have questions regarding the handling of your personal data, we welcome your inquiries at the email provided above.