Privacy Policy


Policy Preface and Core Data Protection Principles

This independent Privacy Policy is formulated in accordance with global cross-border e-commerce data operation specifications and consumer personal information protection standards, applicable to all page browsing, account registration, commodity search, cart adding, order settlement, after-sales application and customer service interactive behaviors of all visitors and registered users on the premium hair color direct discount retail e-commerce platform. The policy standardizes full-process rules of user information collection, classified storage, authorized use, third-party linkage, data encryption protection and user autonomous data management, takes user information security as the core operation bottom line of the beauty e-commerce platform, and maintains neutral, official and rigorous website document writing tone.
The platform abides by three unchangeable core data protection principles in all business operation links. First, minimal collection principle: the platform only captures user information necessary to complete order delivery, after-sales docking and platform operation optimization, does not actively collect redundant personal sensitive information, does not force users to authorize browsing privacy permission and non-essential location permission. Second, non-sale data principle: all user shopping data, identity information and transaction records stored by the platform will not be sold, leased and traded to external marketing institutions, data aggregation companies and third-party advertising providers in any business scenario.
Third, autonomous user control principle: all registered users have independent viewing, modification and deletion access to personal platform data, can independently adjust information authorization scope and platform message receiving rights, and realize one-click account data clearing and account cancellation operation. All data processing behaviors of the platform serve physical hair dye commodity retail, cross-border order fulfillment, after-sales refund docking and website operation optimization, no private data diversion and commercial secondary utilization beyond e-commerce business scope exist.

Classified User Information Collection Scope

Voluntary user submitted information is the first major data category collected by the platform, including account registration basic information, global receiving address information filled in during checkout, order contact identity information and after-sales service demand description content actively submitted by users. Such information is independently filled and authorized by users when using e-commerce shopping functions, mainly used for warehouse outbound matching, cross-border logistics address docking, order information synchronization and after-sales ticket positioning, matching global distribution business demands of nourishing PPD-free, ammonia-free and peroxide-free hair dye commodities.
The platform does not capture complete bank card card numbers, third-party payment account core passwords and financial sensitive data; all payment transaction verification data are independently processed by compliant cross-border payment service providers, the e-commerce backend only stores masked transaction serial numbers for financial account reconciliation and order data archiving, and is isolated from personal identity database in encrypted partitions. Users can modify receiving address, account basic information and interactive preference settings independently at any time in personal account center.
Platform passive anonymous browsing data belongs to the second collection category. When users browse neon hair dye commodity pages, natural hair color product lists, sidebar recommendation modules and policy document pages, the platform automatically captures anonymous device model, browser type, network access area, page stay duration, commodity click track and search keyword records through built-in compliant analysis tools. All browsing data removes user personal identification tags uniformly, aggregates into overall website operation big data, and is used for homepage commodity layout optimization, hot-selling hair color shade recommendation and impulse consumption user browsing habit analysis.
Platform service interactive record data is the third collection content, including official customer service consultation records, return refund demand feedback, commodity product consultation content and user public product evaluation content submitted by users on the platform. Interactive records are encrypted and stored to unify customer service response standards, optimize product formula description copy and polish commodity detail page display content, and improve overall shopping experience of cross-border discount e-commerce platform.

Legal Authorization Scope of Data Business Use

Internal authorized use of user data covers all core e-commerce operational links. The platform operation team uses effective receiving address data to complete 1-3 days order warehouse arrangement and global cross-border distribution docking; uses order transaction data to complete USD currency financial reconciliation, inventory stock scheduling and hot-selling hair dye commodity inventory forecasting; uses after-sales interactive data to optimize 60-day return process and 5-10 day refund audit flow; uses anonymous browsing big data to adjust homepage banner discount display, site-wide 60% off commodity recommendation and summer promotional module layout.
Limited authorized third-party data sharing is limited to cooperative service institutions necessary for e-commerce operation, including certified cross-border logistics suppliers, compliant cross-border payment clearing institutions, encrypted cloud data storage servers and official after-sales ticketing system service providers. All third-party cooperative institutions sign data confidentiality binding agreements with the platform, can only obtain user data required for single service docking, have no right to extract extra platform user information and carry out independent marketing push, and are isolated from user private social information and life scene data.
The platform never shares user shopping preference, hair dye purchase record and cross-border order information with external beauty brand marketing teams, social media advertising delivery platforms and offline physical retail merchants. Combined with the platform’s direct discount retail positioning, user transaction privacy is fully protected, avoiding accurate commercial harassment and targeted advertising push after users purchase DIY hair color commodities.

User Autonomous Data Management Rights

All platform registered users enjoy complete information self-management rights supported by official backend system. Users can check bound personal information, historical order transaction archives, logistics docking records and after-sales service records in the account privacy dashboard in real time, download standardized personal shopping data reports for permanent local storage. Users can revise invalid receiving addresses, adjust account basic information and close non-essential platform message push permissions with one click, adapt to multi-region cross-border shopping demands of global users.
Users have the right to permanently delete single historical order data, expired address templates and closed customer service dialogue records independently, without affecting normal operation of ongoing orders and pending after-sales applications. Users can initiate official account cancellation requests after closing all pending orders and after-sales tickets; after identity verification is passed, the platform automatically clears all bound personal identifiable information permanently, retains only anonymous aggregated sales data for e-commerce business operation analysis, and does not reserve user private data secretly.
For guest checkout users without registered account binding, the platform automatically clears associated temporary order information after completing refund closing and logistics delivery settlement, realizes automatic release of temporary user data, and protects privacy rights of one-time shopping crowd of impulse consumption hair dye buyers.

Platform Data Encryption and Security Isolation Mechanism

The platform adopts enterprise-level end-to-end encryption technology for all stored user private data, realizes encryption protection during network data transmission and cloud server long-term storage, builds independent firewall for e-commerce user database, and resists external network crawling, data intrusion and information leakage risks. Internal platform employees implement role-based hierarchical data access authority management; front-line warehouse staff, logistics docking staff and customer service staff can only obtain data matching post duties, have no access to overall user information database and financial transaction sensitive data.
All server hardware storing user data is deployed in standardized compliant cloud data centers, with 24-hour operation security monitoring, multi-dimensional access identity verification and automatic encrypted data backup mechanism. The platform regularly completes network security vulnerability detection and system operation maintenance, matches data security operation standards of cross-border beauty e-commerce retail industry, and forms long-term stable privacy protection system.

Fixed Data Retention and Automatic Cleaning Rules

The platform sets classified fixed data retention cycles according to e-commerce operation demands and privacy compliance norms. Valid account bound personal basic information is retained synchronously during account activation period; completed order transaction and logistics data are reserved for standardized financial reconciliation and after-sales traceability cycle; closed after-sales refund and return records follow unified service archive cycle; anonymous browsing analysis data is automatically cleared after monthly operation report generation.
After data retention cycle expires, the system triggers irreversible automatic data cleaning program without manual intervention and delayed reservation. User active data deletion and account cancellation requests prioritize default system retention rules, accelerate private information clearing progress, and balance platform business archive demands and user privacy protection demands comprehensively.

Policy Iteration and User Synchronization Notification Rules

The platform has the independent right to optimize and adjust clauses of this Privacy Policy according to cross-border e-commerce data supervision updates and service iteration demands. After core policy content is revised, the homepage unified public notification entrance will be updated synchronously, and the latest official policy version will be displayed permanently in website footer policy column. The data rules effective at order payment confirmation shall bind the transaction preferentially, and updated clauses will not retroactively change privacy protection standards of completed shopping orders.