Privacy Policy

Effective Date: [2024.1.23]

1. Information We Collect

a. Personal Information You Provide:

  • Contact Details: Name, email, phone number, shipping/billing address.
  • Payment Data: Credit card details (processed via PCI-DSS compliant gateways like Stripe/PayPal), cryptocurrency wallet addresses.
  • Account Credentials: Username, password (hashed and encrypted).

b. Automatically Collected Data:

  • Device & Browsing Data: IP address, browser type, device ID, pages visited, cookies (see Section 5).
  • Purchase History: Items viewed, cart activity, order timestamps.

c. Third-Party Sources:

  • Social Media: Profile data (if you log in via Facebook/Google).
  • Marketing Partners: Demographic data for targeted ads.

2. How We Use Your Information

PurposeData Types UsedLegal Basis (GDPR)
Order FulfillmentContact, PaymentContractual Necessity
Customer SupportEmail, Order HistoryLegitimate Interest
Marketing CampaignsBrowsing Data, EmailConsent (opt-in required)
Fraud PreventionIP, Device DataLegal Obligation
Site ImprovementsCookies, AnalyticsLegitimate Interest

3. Data Sharing & Disclosure

  • Service Providers:
    • Payment processors (Stripe, PayPal).
    • Logistics partners (DHL, FedEx) for shipping updates.
    • Cloud hosting (AWS, Google Cloud) with GDPR-compliant DPAs.
  • Legal Requirements:
    Disclose data if required by law (e.g., court subpoena, tax audits).
  • Business Transfers:
    Data may transfer during mergers/acquisitions, with prior notice.

4. International Data Transfers

  • EU/UK → Global:
    Protected via Standard Contractual Clauses (SCCs) or adequacy decisions.
  • California (CCPA):
    No sale of personal data to third parties.

5. Cookies & Tracking Technologies

a. Types Used:

  • Essential Cookies: Session management, cart retention.
  • Analytics: Google Analytics (anonymized IPs).
  • Advertising: Facebook Pixel (opt-out via Ad Settings).

b. Control:
Adjust preferences via our Cookie Consent Banner or browser settings.

6. Your Rights

  • Access & Portability: Request a copy of your data in CSV/JSON format.
  • Correction: Update inaccuracies via account dashboard.
  • Deletion: Submit erasure requests (excludes transactional records).
  • Opt-Out: Unsubscribe from marketing emails (link in footer).
  • Complaints: Lodge with your local Data Protection Authority (EU/UK).

To Exercise Rights:
Email privacy@sarzi.com with subject line “Data Request – [Your Name]”.
Response within 30 days (free of charge).

7. Data Retention

Data TypeRetention Period
Active AccountsUntil deletion request
Order Records7 years (tax compliance)
Marketing Consent3 years from last opt-in
Cookies1-24 months

8. Children’s Privacy

  • Age Restriction: No services offered to users under 13 (COPPA) or 16 (GDPR).
  • Verification: May request age proof for suspicious accounts.

9. Security Measures

  • Encryption: TLS 1.3 for data transit, AES-256 for storage.
  • Access Controls: Role-based permissions, 2FA enforcement.
  • Audits: Annual penetration testing by Cure53.

10. Policy Updates

  • Notified via email or site banner 15 days before changes take effect.
  • Archive: View historical versions by request.

11. Contact Us

  • Data Protection Officer: dpo@sarzi.com
  • Phone: +86 13267155676

Shopping Cart
Scroll to Top