What are you Looking for?
SHOPPING CART

Your shopping cart is empty!

SOLEIL TECH CO., LTD Privacy Policy

SOLEIL TECH CO., LTD (hereinafter referred to as "we"), as a UK-based menswear brand, always prioritizes the security and privacy of your personal data (hereinafter referred to as "you"). This policy is formulated in accordance with the EU General Data Protection Regulation (GDPR) and relevant UK data protection laws and regulations, clearly defining the ways, purposes, and boundaries of our collection, use, storage, transmission, and protection of your personal data, ensuring that all data processing is legal, transparent, and necessary, and providing you with a safe menswear shopping and service experience.

This policy applies to all personal data you provide to us or that we legally collect through our official website (soleilth.com), contact email (info@soleilth.com), offline communication, order processing, customer inquiries, and other channels. Whether you are a resident of the EU or not, this policy is binding on you as long as your personal data processing is governed by the EU GDPR.

I. Scope and Types of Personal Data Collection

(I) Core Data Types

  1. Identity and Contact Data: Includes your name, email address, phone number, and mailing address (including shipping address). This data is used to establish business contacts, process order fulfillment, respond to inquiries, and provide after-sales service. It forms the foundation for completing menswear transactions and services.
  2. Order and Transaction Data: Includes your order number, purchased product information (style, size, quantity, etc.), payment information (excluding sensitive payment data such as complete bank card passwords), and logistics records. This data is used to fulfill order contracts, complete payment settlements, and track order status.
  3. Website Access Data: Automatically collected through website server logs, cookies, and similar technologies. This data includes your IP address, browser type, access time, viewed pages (e.g., menswear category, product detail pages), dwell time, search keywords, and other non-identifiable information. This data is used solely to optimize website performance, improve page loading experience, and analyze user preferences to optimize menswear product display.
  4. Voluntary Data Provision: Additional personal data you voluntarily provide when seeking men's clothing styling advice, providing product feedback, or participating in our surveys or activities will be processed strictly based on the intended use.

(II) Data Collection Methods

  1. Proactive Provision: Personal data you proactively fill out or disclose when registering a website account, submitting men's clothing orders, sending inquiry emails, or purchasing goods offline.
  2. Automatic Collection: Access data automatically collected through website backend statistical tools and cookie technology. This data will be anonymized and will not individually identify individuals.
  3. Third-Party Sources: Necessary data obtained from legitimate and compliant third-party partners (such as payment institutions and logistics service providers) with your explicit consent. We will strictly verify the legality and security of third-party data sources to ensure compliant data acquisition.

II. Purpose and Legal Basis for Processing Personal Data

We process your personal data only when we have a legal basis as stipulated by GDPR. The specific purposes and corresponding legal basis are as follows:

  1. Fulfilling Contractual Obligations (Article 6, Paragraph 1(b) of GDPR): Processing your menswear orders, arranging delivery, completing payment settlements, and providing after-sales return and exchange services are necessary to fulfill the shopping contract between us and you.
  2. Obtaining Your Explicit Consent (Article 6, Paragraph 1(a) of GDPR): When collecting non-essential data (such as contact information for pushing new menswear products or styling tips), we will clearly inform you in advance and obtain your written or online confirmation. You may withdraw your consent at any time.
  3. Legitimate Business Interests (Article 6, Paragraph 1(f) of GDPR): To optimize the display of menswear products, improve the website user experience, prevent transaction risks, and promptly update you on order progress or logistics information, this processing is in line with our legitimate business needs and will not infringe upon your privacy rights.
  4. Compliance with Legal Obligations (Article 6, Paragraph 1(c) of the GDPR): To comply with legal requirements for responding to investigations by judicial authorities, fulfilling tax declarations, and meeting the requirements of laws and regulations concerning the traceability of men's apparel products and the protection of consumer rights, we will legally retain and process necessary data.

III. Restrictions on the Use and Sharing of Personal Data

(I) Restrictions on Use

We strictly adhere to the principle of "purpose-specific" use, using your personal data only within the scope of the processing purposes stated in this policy. Without your explicit consent or legal permission, we will never use it for any other purpose beyond that scope. If business adjustments require changes to the purpose of data processing, we will notify you in advance through official website announcements or email, and adjustments will only be made after obtaining the necessary consent.

(II) Data Sharing

We promise not to sell, rent, or transfer your personal data to any unrelated third party. We will only share your data in limited circumstances as required in the following situations, and will strictly control the scope of sharing:

  1. Service Partners: To complete the delivery and payment settlement of men's clothing orders, we will share necessary personal data (such as delivery address and order amount) with legally qualified logistics service providers and payment institutions. We will sign data protection agreements with our partners, requiring them to strictly comply with GDPR standards and use the data only for the designated service purposes, without unauthorized dissemination or secondary use.
  2. Legal Mandatory Requirements: Based on legal instructions from judicial or regulatory authorities, or to protect public interests and our own legitimate rights and interests, we will disclose personal data to relevant departments within the necessary scope.
  3. Corporate Restructuring Scenarios: In the event of mergers, acquisitions, asset transfers, or other corporate restructuring, your personal data will be transferred as part of the assets to the transferee. The transferee must continue to comply with this Privacy Policy and relevant laws and regulations to ensure that data protection standards are not lowered.

IV. Storage and Security Protection of Personal Data

(I) Storage Period

We store your personal data according to the principle of "minimum necessity and shortest duration," retaining it for the shortest time necessary to achieve the processing purpose: order data and transaction records will be retained until the contract is fulfilled and the statutory retroactive period is met, after which they will be automatically anonymized; access data, consultation records, etc., will be deleted within 12 months after the service ends. If the storage period needs to be extended due to legal requirements, we will retain it in accordance with the law and inform you of the basis and duration of retention.

(II) Security Protection Measures

We adopt dual security measures, both technical and managerial, in accordance with GDPR standards to comprehensively protect your personal data from unauthorized access, use, disclosure, alteration, damage, or loss:

  1. Technical Level: The website uses the HTTPS encrypted transmission protocol to provide end-to-end encryption protection for personal data; firewalls, access control systems, and data backup mechanisms are deployed, and security vulnerability detection and repair are conducted regularly to prevent data from being illegally accessed and obtained.
  2. Management Level: Establish a strict data access permission system, authorizing only personnel in essential positions to access personal data; all data operations are logged; regularly train employees on GDPR and data protection to enhance their privacy awareness; develop a data breach emergency plan, and in the event of a data breach, notify relevant regulatory agencies and affected individuals within 72 hours and take remedial measures to minimize losses.

V. Your Personal Data Rights (Based on GDPR)

Based on the EU GDPR, you enjoy full personal data rights. We will provide you with a convenient channel to exercise your rights and fully cooperate in responding:

  1. Right to Know: You have the right to know the specific circumstances of our collection and use of your personal data, including processing purposes, data types, sharing scope, and storage periods.
  2. Right to Access: You have the right to request a copy of your personal data and detailed information on the entire data processing process. We will provide copies free of charge (multiple copies may incur a reasonable fee based on management costs).
  3. Right to Correction: If your personal data contains errors (such as an incorrect shipping address) or is incomplete, you have the right to request us to correct or supplement it promptly. We will complete the processing and provide feedback within one month of receiving the request.
  4. Right to Erasure (Right to Be Forgotten): You have the right to request that we delete your personal data under legal circumstances such as when the data processing purpose has been achieved, the storage period has expired, or you withdraw your consent. We will promptly take deletion or anonymization measures (except in cases restricted by GDPR).
  5. Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data in cases where there is a dispute over the accuracy of the data, the processing is illegal but you do not wish to delete the data, or the data needs to be retained as evidence.
  6. Right to Data Portability: You have the right to request that we provide your personal data in a structured, universal, and machine-readable format to facilitate your transfer to other data processors. We will cooperate without hindrance.
  7. Right to Withdraw Consent: If you have consented to provide personal data, you have the right to withdraw your consent at any time. Withdrawal of consent will not affect the validity of previous data processing actions based on lawful consent.
  8. Right to Object: You have the right to object to the processing of your personal data based on legitimate business interests. We will verify the grounds for objection, and if there is no legal basis prior to your rights, we will stop the relevant processing.
  9. Right to be unaffected by automated decision-making: You have the right to refuse decisions that significantly impact you based solely on automated decision-making (such as algorithmic recommendations). We will provide you with channels for manual intervention.
  10. Right to complain: If you believe our data processing practices violate GDPR or related laws and regulations, you have the right to file a complaint with the EU's personal data protection regulator or the UK Information Commissioner's Office (ICO).

VI. Cookie Usage Guidelines

Our website may use cookies and similar technologies to record your browsing preferences (such as frequently used men's clothing sizes and browsed product categories), optimize page loading speed, track website traffic, and improve your shopping experience. You can refuse or delete cookies through your browser settings, but some website functions (such as personalized recommendations and shopping cart memory) may be affected. We will not collect your sensitive personal data through cookies, and cookies are only used for website operation optimization and will not be used for other purposes.

VII. Rules for Cross-Border Data Transfer

If your personal data needs to be transferred outside the EU for business purposes, we will strictly comply with GDPR requirements and will only conduct transfers in the following compliant scenarios: transfers to countries or regions recognized by the European Commission as having adequate data protection levels; signing GDPR-compliant model contract terms with the recipient, clearly defining the rights and obligations of both parties; and adopting EU-recognized binding company rules and other compliance mechanisms to ensure the security of cross-border data transfers throughout the process and ensure that the recipient's data protection standards are consistent with GDPR.

VIII. Policy Changes and Notification

We may revise this Privacy Policy based on updates to GDPR and related laws and regulations, business adjustments, etc. The revised policy will be published on our official website (soleilth.com). If the revisions involve your core privacy rights, we will notify you in advance via email (info@soleilth.com), website pop-ups, etc., to ensure you fully understand the changes. The revised policy will take effect from the date of publication.

BACK TO TOP