Privacy Policy

1. Introduction

Shenzhen HiveAlu Technology Co., Ltd. ("HiveAlu," "we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, engage with our services, or conduct business with us.

This policy applies to all users, including but not limited to:

• Website visitors and prospective clients
• Business partners and suppliers
• Newsletter subscribers and contact form users
• Customers placing orders or requesting quotes

By using our services or providing us with your personal data, you acknowledge that you have read and understood this Privacy Policy.

2. Data We Collect

We collect personal data necessary to provide our B2B services, respond to inquiries, and fulfill contractual obligations. The types of data we collect include:

2.1 Information You Provide Directly

• Contact Information: Name, job title, company name, email address, phone number, business address
• Business Inquiry Data: Project specifications, technical requirements, quantity requests, delivery timelines
• Account Information: Login credentials if you create a customer account
• Payment Information: Billing address, purchase order details (payment processing is handled by third-party secure processors)
• Communication Records: Email correspondence, chat transcripts, phone call records (for quality assurance)

2.2 Information Collected Automatically

• Technical Data: IP address, browser type, operating system, device information
• Usage Data: Pages visited, time spent on pages, click patterns, referral sources
• Cookies & Tracking Technologies: See Section 8 for detailed information

2.3 Information from Third Parties

• Business contact information from trade show registrations, industry directories, or professional networks (e.g., LinkedIn)
• Credit check data from financial institutions (for large orders)
• Shipping and logistics data from freight forwarders

3. How We Use Your Data

HiveAlu processes your personal data for the following legitimate business purposes:

3.1 Service Delivery & Contract Fulfillment

• Processing quote requests and custom specifications
• Manufacturing and delivering aluminum honeycomb panels
• Providing technical support and engineering consultation
• Managing orders, invoicing, and payment processing

3.2 Communication & Customer Relationship

• Responding to inquiries within our <24-hour commitment
• Sending order confirmations, shipping updates, and delivery notifications
• Providing product updates, technical documentation, and industry insights (with consent)
• Conducting customer satisfaction surveys

3.3 Business Operations & Compliance

• Maintaining accurate records for ISO 9001:2015 quality management
• Complying with legal obligations (tax, customs, export regulations)
• Preventing fraud and ensuring transaction security
• Enforcing terms of service and protecting intellectual property

3.4 Marketing & Analytics (with Consent)

• Sending newsletters about new products, case studies, and industry trends
• Analyzing website traffic to improve user experience
• Conducting market research to develop better solutions

Note: You can opt out of marketing communications at any time using the unsubscribe link in emails or by contacting us.

4. Data Sharing & Disclosure

HiveAlu does not sell your personal data. We only share data with trusted third parties under strict confidentiality agreements:

International Data Transfers: As a China-based manufacturer serving global markets (US, UK, Germany, Korea, Middle East), your data may be transferred to and processed in jurisdictions with different data protection laws. We ensure adequate safeguards through:

• Standard Contractual Clauses (SCCs) approved by the EU Commission
• Privacy Shield equivalent mechanisms (where applicable)
• Binding Corporate Rules for intra-group transfers

5. Data Retention

We retain personal data only as long as necessary to fulfill the purposes outlined in this policy or as required by law:

• Active Customer Data: Duration of business relationship + 7 years (for accounting and warranty purposes)
• Quote Requests (No Order): 3 years (to track inquiries and improve conversion)
• Marketing Consent Data: Until consent is withdrawn or 2 years of inactivity
• Website Analytics: 26 months (Google Analytics default)
• Legal Compliance Records: As required by applicable laws (e.g., 10 years for tax records in China)

After retention periods expire, we securely delete or anonymize data in accordance with industry best practices.

6. Your Rights (GDPR & CCPA Compliance)

Depending on your location, you have the following rights regarding your personal data:

6.1 Rights Under GDPR (EU/EEA/UK Users)

• Right to Access: Request a copy of the personal data we hold about you
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure ("Right to be Forgotten"): Request deletion of your data (subject to legal retention requirements)
• Right to Restrict Processing: Limit how we use your data in certain circumstances
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Opt out of processing for direct marketing or legitimate interests
• Right to Withdraw Consent: Revoke consent for data processing (does not affect prior lawful processing)
• Right to Lodge a Complaint: File a complaint with your local data protection authority

6.2 Rights Under CCPA (California Residents)

• Right to Know: Request disclosure of data collected, sources, purposes, and third parties
• Right to Delete: Request deletion of personal information (with exceptions)
• Right to Opt-Out: Opt out of the "sale" of personal information (HiveAlu does not sell data)
• Right to Non-Discrimination: Equal service and pricing regardless of privacy rights exercise

How to Exercise Your Rights

To submit a request, contact us at:

• Email: [email protected]
• Subject Line: "Data Rights Request - [Your Name]"

We will respond within 30 days (GDPR) or 45 days (CCPA). We may request verification of your identity before processing requests.

7. Security Measures

HiveAlu implements industry-standard technical and organizational measures to protect your data:

Technical Safeguards

• Encryption: TLS/SSL encryption for data in transit; AES-256 encryption for sensitive data at rest
• Access Controls: Role-based access with multi-factor authentication (MFA) for internal systems
• Firewalls & Intrusion Detection: 24/7 monitoring and automated threat detection
• Regular Security Audits: Annual penetration testing and vulnerability assessments

Organizational Safeguards

• Employee training on data protection and confidentiality
• Strict access policies limiting data access to authorized personnel only
• Vendor due diligence and contractual data protection obligations
• Incident response plan for data breaches (notification within 72 hours as required by GDPR)

Important: While we strive to protect your data, no method of transmission over the internet is 100% secure. You are responsible for maintaining the confidentiality of your account credentials.

8. Cookies & Tracking Technologies

Our website uses cookies and similar technologies to enhance user experience and analyze site performance.

Types of Cookies We Use

Managing Cookies

You can control cookies through:

• Browser Settings: Most browsers allow you to block or delete cookies (see browser help documentation)
• Opt-Out Tools: Google Analytics Opt-Out
• Cookie Consent Banner: Adjust preferences via the banner on your first visit

Note: Disabling essential cookies may affect website functionality.

9. International Data Transfers

HiveAlu operates globally and may transfer your data to countries outside your jurisdiction. We ensure compliance through:

• Adequacy Decisions: Transfers to countries recognized by the EU Commission as providing adequate protection
• Standard Contractual Clauses (SCCs): Legally binding agreements with third parties to protect data
• Binding Corporate Rules: Internal policies for intra-group transfers within HiveAlu entities
• Explicit Consent: Obtained when required for specific transfers

For more information on transfer mechanisms, contact our Data Protection Officer at [email protected].

10. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or business operations. When we make material changes:

• We will update the "Last Updated" date at the top of this page
• For significant changes, we will notify you via email (if you have an account) or a prominent website notice
• Continued use of our services after changes constitutes acceptance of the updated policy

We recommend reviewing this policy regularly to stay informed about how we protect your data.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: