1. Data Controller

YAOU (“we,” “us,” or “our”) operates the website https://yaoucd.com and is responsible for collecting and processing your personal data in compliance with international data protection laws, including the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

2. Information We Collect

When you submit inquiries through our website forms, we may collect the following information:

Basic Identity Information: Name, company name.

Contact Details: Email address, phone number, physical address.

Business Inquiry Content: Information voluntarily provided in your message.

Technical Data: IP address, browser type, device information, and timestamps (collected automatically via cookies and analytics tools).

3. Purpose of Data Processing

We use your information only for:

Responding to your business inquiries and service requests.

Improving website functionality and user experience (e.g., analyzing traffic patterns).

Complying with legal obligations (e.g., tax or regulatory requirements).

4. Legal Basis & Retention Period

Legal Basis: Processing is based on your explicit consent (GDPR Article 6(1)(a)) when you voluntarily submit data through our forms.

Retention:

Inquiry data: Retained for up to 3 years unless a longer period is required by law.

Technical logs: Deleted after 1 year or once the processing purpose is fulfilled.

5. Data Security Measures

We implement industry-standard safeguards to protect your data:

SSL Encryption: All data transfers use HTTPS protocols.

Access Controls: Restricted access to authorized personnel only.

Regular Audits: Periodic reviews of security practices.

6. Third-Party Sharing

We do not sell or rent your data to third parties. Data may be shared only when necessary with:

Service Providers: Website hosting partners and IT maintenance vendors (strictly for operational purposes).

Legal Authorities: If required by law (e.g., court orders, tax audits).

Cross-Border Payment Processors: Only if transactions occur (to be specified if applicable).

7. Your Rights

Under applicable laws (e.g., GDPR, CCPA), you have the right to:

Access, correct, or delete your personal data.

Withdraw consent to data processing (email [email protected]).

Lodge a complaint with your local data protection authority.

8. International Data Transfers

As a global business, your data may be transferred to servers outside your country of residence. We ensure compliance via Standard Contractual Clauses (SCCs) or other legally recognized mechanisms.

9. Updates to This Policy

We may update this policy periodically. Significant changes will be notified via a website notice.

10. Contact Us

For questions, data requests, or concerns about this Privacy Policy, contact us at:
Email: [email protected]