2

Privacy Policy – Australia

EFFECTIVE DATE 19.08.2023

Click to review the previous version: 01.02.2021; 03.12.2021;

Note: The Privacy Policy has been updated. Please review the updated privacy policy carefully before using the Website. By using the Website, You consent to the terms of the updated Privacy Policy.

RESPONSIBLE

Responsible for the collection, processing and use of Your personal data within the meaning of Art. 4 No. 7 GDPR and US data protection laws is – Suzhou Allshine Imports & Exports Co. Ltd. (Address: Rm.12, Ho King Commercial Centre, 2-16 Fa Yuen str., Mongkok, Kowloon, Hong Kong, BR: 36242147-000-11-20-5), hereinafter – “Company”.

If You wish to object to the collection, processing or use of Your data by us in accordance with these data protection regulations as a whole or for individual measures, You can address us Your objection.

Also, You can save and print out this Privacy Policy at any time.

GENERAL CONDITIONS

Our Company (“We,” “Us,” and “Our”) profoundly cares about the safety of its Users (“Members,” “Clients,” “You,” and “Your”), as well as about the security of their private information. The Privacy Policy section here is destined to give You an overview of the information we need from You and about how it is protected from illegal use. We urge Our Clients to study the following Privacy Policy section before they pass on to the cooperation with Us.

You accept the following information about the Privacy Policy, as well as the Terms and Conditions. If You need additional information about the Privacy Policy issues, find Our Company’s contact information on the Website and get in touch with one of Our online specialists.

All personal data is collected and processed in compliance with the applicable data protection regulations of the United States of America, as well as the General Data Protection Regulation (GDPR).

AGE LIMITATIONS

We have no official right to collect any private information from persons who are not 18 yet. It is strictly prohibited to the Users under 18 to use Our Website and any of the Services offered by Our Company. As soon as We find out that the information presented by the User is not eligible because of the age limits, it will promptly be erased. We bear no responsibility in case if You’re not old enough to use the Website. You must be of legal age to be in line with Our Privacy Policy, as well as with Our Terms and Conditions.

Alert Us in case one of Your children under 18 is using Our Website trying to get access to our services. We’ll take measures to block access to Our Website from Your IP address. All affiliate websites cooperating with Our Company will be blocked for Your child as well.

TYPES OF INFORMATION WE COLLECT

Our Privacy Policy is a part of the agreement between the User and Our Company that implies thorough protection of the data You share with Us. You agree with Our Privacy Policy, as well as with the Terms and Conditions in the process of registration. We protect personal information in Your account following the rules and regulations mentioned in this section.

Our Users must accept the conditions included in the current Privacy Policy section, thus giving Us their consent to:

• Track Your activity on Our Website;

• Collect the statistics about Your most preferred services;

• Use Your personal information to make Our Website safer and more productive.

Your acceptance of the Privacy Policy will become a legal basis for Us in case any inconveniences occur. We need certain types of information, which will be sufficient and in line with the Terms and Conditions of Our Website.

GEOLOCATION

We need the relevant information about Your geographical position to facilitate the process of order and payment for Our Goods. When You enable Your geographic location, You start receiving more convenient and personalized offers with promotions, additional payment methods, and personalized advertisements for a more satisfying experience.

CONTACTS

Your contact information allows the Users of Our Service to contact You directly or via email or phone. This is considered private information and it can only be revealed as a part of a pre-paid service for Our Members.

TECHNICAL INFORMATION

Technical information usually includes the following:

• Name;

• The IP address and the name of Your device, as well as the name of Your browser;

• Times and dates of Your online sessions;

• Date of the registration;

• Order ID;

• Activities on Our Website;

• Numerous technical issues concerning the use of JavaScript or anything else that can be helpful to You.

PAYMENT DETAILS

We reserve the right to keep the billing information, but We don’t have complete access to the numbers of Your credit cards. Our Privacy Policy implies that we can store the following information about our Clients’ payment details:

• Billing address;

• IP address;

• Card mask.

These are basic payment details necessary for the cooperation with most online shops and services. Accept that Our Website can partially collect Your payment details and technical data. Our Clients provide most of the information intentionally.

Our Website may also collect information and statistics about the way You use our payment system and other technical aspects. This information is only collected in the impersonated form and used for further analysis to enhance Your experience and make it more beneficial for You.

PERSONAL INFORMATION USE AND DISCLOSURE

We do not use Your personal information for any other purposes except for the ones mentioned in this Privacy Policy section. We also never share Your data with third-party companies or people. This is considered illegal, and We have no rights to enforce the rules that do not correspond with the legislation of the state.

All Members of Our Website will have access to Your personal information posted by You in Your account. No one will be able to make changes in it except for You. Our Support Team can also access Your personal information to verify Your age, as well as the legacy of Your activity on Our Website and the online platforms of Our affiliates.

We rely on Your personal information to provide You with the marketing information and special offers depending on Your preferences.

We partially scan Your data with the analytics tools and advertising services to find out about the effectiveness of Our work and the functionality of Our Website. We do this to improve our Customer Service and not to identify Our Clients personally.

We can use Your geographical location to help Our marketing and advertising partners post relevant advertisements on Our Website that will correspond with Your place of residence and Your needs.

We use Your contact information only for communication with Our Support Team. We will never share Your contact information with anyone who can use it for marketing or promotion purposes.

PERSONAL INFORMATION PROTECTION

We use HTTPS/TLS encryption to protect the personal information of Our Users. This technology guarantees 100% protection of Your data so that it will never be stolen or transferred anywhere without Your permission.

All payments and transactions performed through Our Website are secure because of the additional encryption and enhanced gateway. Remember that We are not responsible for the breaches of security caused by Your irresponsible actions or Our service suppliers.

STORAGE TIME

We only store personal data for as long as is necessary to fulfill the purposes pursued. In some cases, the legislator provides for the storage of personal data, for example in tax or commercial law. In these cases, the data will only be stored by Us for these legal purposes but will not be processed in any other way and deleted after expiry of the legal retention period.

COOKIES

We use so-called session cookies to optimize our website. A session cookie is a small text file that is sent by the respective servers when You visit a website and stored temporarily on Your hard drive. This file as such contains a so-called session ID, with which You can assign various requests of Your browser to the common session. This will allow Your computer to be recognized when You return to our website. These cookies are deleted after You close Your browser.

We also use persistent cookies to a small extent, which remain on Your terminal device and enable us to recognize Your browser the next time You visit. These cookies are stored on Your hard disk and are deleted automatically after the specified time. Their life span is 1 month to 10 years. This enables Us to present our services to You in a more user-friendly, effective and secure manner and, for example, to display information on the site that is specifically tailored to Your interests.

Our legitimate interest in the use of cookies is to make our website more user-friendly, effective and secure.

The following data and information are stored in the cookies:

• Language settings;

• Geo-data;

• Age;

• Gender;

• Device and operational system of device You use to enter Our website;

• Entered search terms;

• Information about the number of visits to Our website and use of individual functions of the website.

When the cookie is activated, it is assigned an identification number and Your personal data is not assigned to this identification number. Your name, IP address or similar data that would allow the cookie to be assigned to You will not be placed in the cookie. Based on the cookie technology, we only receive pseudonymous information, for example about which pages of our website were visited, which products or offers were viewed, etc.

You can set Your browser so that You are informed in advance about the setting of cookies and can decide in individual cases whether You want to exclude the acceptance of cookies for certain cases or in general, or that cookies are completely prevented. This may limit the functionality of the website.

GOOGLE-ANALYTICS

We use Google Analytics, a web analysis service of Google Inc. “(“Google”). Google Analytics uses “cookies”, which are text files placed on Your computer, to help the website analyze how users use the site. The information generated by the cookie about the use of this website by page visitors is usually transferred to a Google server in the USA and stored there.

This is also our legitimate interest pursuant to GDPR and US data protection laws.

Google has signed and certified itself under the Privacy Shield Agreement between the European Union and the USA. By doing so, Google undertakes to comply with the standards and regulations of European data protection law.

The IP address transmitted by Your browser in the context of Google Analytics is not merged with other Google data. You may refuse the use of cookies by selecting the appropriate settings on Your browser, however, note that if You do this You may not be able to use the full functionality of this website.

You can also prevent the transmission to Google of data generated by the cookie and relating to Your use of the website (including Your IP address) and the processing of this data by Google by downloading and installing the browser plug-in.

VISITORS BEHAVIOR PATTERNS

We study the behavior patterns of Our Users and track the number of people in different parts of the Website. We do not identify the Users in any way, and this process is performed to analyze Our work and the work of the Website elements.

PRIVACY POLICY POSSIBLE CHANGES

We reserve the right to change the Privacy Policy section and add more information to it. We are not obliged to notify the Users about the changes applied to the current Privacy Policy. It means that the Users are to check this section for themselves to find out more about the way their personal information is protected.

RIGHT OF APPEAL TO A SUPERVISORY AUTHORITY

In particular, if You have US residentship, in the Member State where You are staying, working or suspected of having infringed the law, if You believe that the processing is unlawful.

WHAT WE DON’T DO WITH THE INFORMATION WE GATHER

We will not disclose, sell, distribute, rent, lease or use any of a User’s data or pass on any such personal information to third parties, which are not Our officers, directors, members, managing members, employees, business partners, affiliates, strategic partners, licensors, licensees, independent contractors, third-party service providers, agents or representatives, unless We have Your permission or are required by law to do so.

We do not store Your credit card information. The credit card information and actual processing do not take place on and is not stored on Our servers. The transaction is processed on the servers of the particular credit card processor We use to process the transaction.

NOTICE TO INDIVIDUALS IN THE STATE OF CALIFORNIA (USA)

Your Rights as a California Resident

As a California resident, You may have certain rights in relation to Your personal information.

Right to Know

You may have the right to know how we have collected, used and disclosed Your personal information. Specifically, You may have the right to know:

• The categories of personal information we have collected about You.

• The categories of sources from which we have collected Your personal information.

• The business or commercial purpose for which we collect, sell or share Your personal information.

• The categories of third parties to whom we have disclosed Your personal information.

• The categories of personal information that we disclosed for a business purpose and the categories of third parties to whom Your personal information was disclosed for a business purpose.

• The categories of personal information we have “sold” to or “shared” with  third parties and the categories of third parties to whom we have “sold” or “shared” Your personal information.

You may have the right to know the specific pieces of personal information we have collected about You.

Right to Make a Deletion Request

You may have the right to request that we delete Your personal information that we have collected about You. Subject to certain exceptions, we must delete Your personal information and direct any service provider or contractor to delete Your personal information.

Right to Correct Inaccurate Personal Information

You may have the right to request that we correct inaccurate personal information about You, taking into account the nature of the personal information and the purposes of the processing of the personal information.

Right to Opt-Out of Sales of Personal Information

You may have the right to opt-out of the sale of Your personal information.

Right to Opt-Out of Sharing of Personal Information

You may have the right to opt-out of us sharing Your personal information for cross-context behavioral advertising purposes.

Right to Limit Use and Disclosure of Sensitive Personal Information

Subject to certain exceptions, You may have the right to limit our use and disclosure of Your sensitive personal information. We do not use or disclose sensitive personal information in a manner that gives rise to this right.

Right to Non-Discrimination

You have the right to not be discriminated against by us for choosing to exercise Your rights under the CCPA.

Other Rights: Notice to California Consumers

You have other rights under California’s “Shine the Light” law. California Civil Code section 1798.83, requires certain businesses to respond to requests from California customers asking about the businesses’ practices related to disclosing personal information to third parties for the third parties’ direct marketing purposes. Alternately, such businesses may have in place a policy not to disclose personal information of customers to third parties for the third parties’ direct marketing purposes if the customer has exercised an option to opt-out of such information-sharing. We have such a policy in place. As discussed above, if You wish to opt-out of our sharing of Your information with third parties for the third parties’ direct marketing purposes, please contact the Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs in writing at 1625 North Market Blvd., Suite N 112, Sacramento, California 95834 or by telephone at (800) 952-5210 or (916) 445-1254.

Categories of Data that We Hold about You

As mentioned above, We maintain data about You in only pseudonymized form, which means that we do not know Your identity because we do not process Your name, email address, or other identifiable information. Instead, we only process digital identifiers such as cookie IDs, IP addresses, mobile advertising IDs on Your device, network browsing history and associated preferences, and in some limited circumstances, Your hashed email address.

Why We Collect Your Personal Information

We process Your Personal Information in order to provide Services and personalized advertisements to You.

Where do We Collect Your Personal Information

We automatically collect User Information when Users interact with our Services that appear on our Customers’ websites and digital properties. Like most other web-based services, we collect this User Information through cookies and other technologies. We may also obtain Information about You from our data partners.

We collect Information either directly from You during Your use of our Sites and Services or from third parties that independently collect this Information from You, and we may combine the Information that we collect from these various sources. For more information about these collection methods, please see Sections above.

How do We Share Your Personal Information

We may disclose or make available Your pseudonymous Personal Information to our trusted partners. In most cases when we do so, we have contractually restricted their uses of this data for only Our business purposes. Under the CCPA, such disclosures of Personal Information to service providers are not deemed to be a “sale” and thus are not prohibited after You exercise Your right to cease or restrict disclosures or sales of Your Personal Information to third parties. In any instances where we have not entered into a service provider relationship with such third parties, we will stop sharing Your Personal Information when You instruct us not to “sell” Your Personal Information.

COPPA (Children Online Privacy Protection Act)

When it comes to the collection of personal information from children under 13, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation’s consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.We do not specifically market to children under 13.

Fair Information Practices

• The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

• In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur

• We will notify the users via in site notification

• Within 7 business days

We also agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.

NOTICE TO INDIVIDUALS IN THE STATE OF VIRGINIA (USA)

Your Rights as a Virginia Resident:

As a Virginia resident, You may have certain rights in relation to Your personal data.

Right to Confirm

You may have the right to confirm whether we process Your personal data and to access such personal data.

Right to Delete

You may have the right to request that we delete Your personal data that we have collected about You. Subject to certain exceptions, we must delete Your personal data.

Right to Correct Inaccurate Personal Data

You may have the right to request that we correct inaccurate personal data about You, taking into account the nature of the personal data and the purposes of the processing of Your personal data.

Right to Opt-Out of Processing of Personal Data for Targeted Advertising

You may have the right to opt-out of the processing of Your personal data for purposes of targeted advertising.

Right to Opt-Out of the Sale of Personal Data

You may have the right to opt-out of the sale of Your personal data.
Right to Opt-Out of Profiling

You may have the right to opt-out of the processing of Your personal data for profiling in furtherance of decisions that produce legal or similarly significant effects concerning You.

Right to Obtain a Copy of Your Personal Data

You may have the right to obtain a copy of Your personal data that You previously provided to us.

Right to Non-Discrimination

You have the right to not be discriminated against by us for choosing to exercise Your rights under the VCDPA.

NOTICE TO INDIVIDUALS IN THE STATE OF COLORADO (USA)

Your Rights as a Colorado Resident:

Right to Access

You have the right to confirm whether a controller is processing personal data concerning You and to access Your personal data.

Right to Correction

You have the right to correct inaccuracies in Your personal data, taking into account the nature of the personal data and the purposes of the processing of Your personal data.

Right to Delete

You  have the right to delete personal data concerning You.

Right to Data Portability

You have the right to obtain personal data in a portable and, to the extent technically feasible, readily usable format that allows You to transmit the data to another entity without hindrance.

Right to Opt-Out

You have the right to opt-out of the processing of personal data concerning You for the purposes of:

• targeted advertising

• the sale of personal data

• profiling in furtherance of decisions that produce legal or similarly significant effects concerning a consumer.

Right to Appeal

According to the Colorado Privacy Act regulations, Your request must be responded to within 45 days of receipt. The covered entity may subsequently extend that deadline by an additional 45 days if they are able to show reasonable necessity. However, when the deadline is extended, You must be notified by Us within the initial 45-day response period.

NOTICE TO INDIVIDUALS IN THE STATE OF UTAH (USA)

Your Rights as a Utah Resident:

Right to access, including confirming whether a controller is processing their data, and the ability to request and receive that data;

Right to deletion of personal data, if the data subject directly provided the data to the controller;

Right to portability, obtaining a copy of their personal data that they provided to the controller, in a format that is:

• portable to a technically reasonable extent

• readily usable to a practical extent

• enables the consumer to transmit the data to another controller reasonably easily, where the processing is carried out by automated means.

Right to opt out of certain processing, specifically for the sale of the personal data or the purposes of targeted advertising;

Some rights that are present in other US state-level laws, but absent from the UCPA, include the right to opt out of profiling and the right to correct (to request and have omissions or inaccuracies in one’s personal data corrected).

We under the Utah privacy law are not required to recognize “universal opt-out signals” as a method for consumers to opt out of data processing.

NOTICE TO INDIVIDUALS IN THE STATE OF CONNECTICUT (USA)

Your Rights as a Connecticut Resident:

Right to access. You have the right to confirm whether or not a controller is processing Your personal data and access such personal data. However, there is an exception to this right where such confirmation or access would require the controller to reveal a trade secret.

Right to correct. You have the right to correct inaccuracies in Your personal data, taking into account the nature of the personal data and the purposes of the processing of Your personal data.

Right to delete. You also have the right to delete personal data provided by or obtained about You.

Right to data portability. You have the right to obtain a copy of Your personal data processed by the controller, in a portable and, to the extent technically feasible, readily usable format that allows You to transmit the data to another controller without hindrance, where the processing is carried out by automated means, provided such controller shall not be required to reveal any trade secret.

The type of data You have a right to obtain a portable copy of is particularly notable. The Act Concerning Personal Data Privacy and Online Monitoring (“CTDPA”) allows You to obtain a copy of the data a controller has processed about You regardless of how the controller acquired it.

Right to opt out. You have the right to opt out of the processing of the personal data for the purposes of:

• targeted advertising,

• the sale of personal data, or

• profiling in furtherance of solely automated decisions that produce legal or similarly significant effects concerning the consumer.

CAN-SPAM ACT

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

We collect Your email address in order to:

• Send information, respond to inquiries, and/or other requests or questions;

• Process orders and to send information and updates pertaining to orders;

• We may also send You additional information related to Your product and/or service.

To be in accordance with CAN-SPAM we agree to the following:

• NOT use false, or misleading subjects or email addresses;

• Identify the message as an advertisement in some reasonable way;

• Include the physical address of our business or site headquarters;

• Monitor third party email marketing services for compliance, if one is used;

• Honor opt-out/unsubscribe requests quickly;

• Allow users to unsubscribe by using the link at the bottom of each email.

INFORMATION FOR EU CITIZENS

If You are a citizen of the European Union, You can find detailed information about Your rights by following this link.

INFORMATION FOR CITIZENS OF CANADA

If You are a citizen of Canada, You can find detailed information about Your rights by following this link.

INFORMATION FOR CITIZENS OF AUSTRALIA

If You are a citizen of Australia, You can find detailed information about Your rights by following this link.

CONTACT US

Click here to contact us regarding this Privacy Notice or other related Privacy issues. You can also write to us as follows:

In the Hong Kong by registered mail:

Suzhou Allshine Imports & Exports Co. Ltd.

Address: Rm.12, Ho King Commercial Centre, 2-16

Fa Yuen str., Mongkok, Kowloon, Hong Kong

or send us an e-mail on: info@yosukata.com