Privacy Policy
Article 1: Consent to Collection of Personal Information and Collection Method
Hsieh (“Website”) has established a procedure where users can consent to the terms of use, collection of personal information, and the specific details regarding the use of such information. Users are considered to have agreed to the collection and use of their personal information by clicking the “Agree” button.
Article 2: Personal Information Collected and Purpose of Use
Personal Information refers to details like names, registration numbers, or other data that identifies individuals, either directly or when combined with other information.
Information Collected:
- General Members:
- Collection Time: Upon signing up.
- Mandatory: Username, password, email, and name.
- Optional: Profile image, date of birth, phone number, address.
- Purpose: Account creation, customer support, and notifications.
- Retention: Deleted upon account deletion or retained for 5 years if purchases were made.
- Order Information (Members and Non-Members):
- Collection Time: Upon placing an order.
- Mandatory: Name, address, phone number, email, payment details.
- Optional: Delivery instructions.
- Purpose: Payment processing and product delivery.
- Retention: Retained for 5 years.
Article 3: Collection via Cookies
Hsieh may use cookies to store and retrieve user information.
- Purpose of Cookies:
- Provide customized content based on user interests.
- Analyze user behavior for service improvement.
- Track product preferences for tailored services.
- Managing Cookies:
- Users can accept or reject cookies by adjusting their browser settings. However, rejecting cookies may limit some functionalities of the Website.
- Cookie Settings:
- Internet Explorer: Go to Tools > Internet Options > Privacy tab.
- Chrome: Go to Menu > Settings > Advanced > Content Settings > Cookies.
Article 4: Retention and Destruction of Personal Information
- Personal information is destroyed immediately after fulfilling the purpose of its collection unless retention is required by law.
- Protection of Consumers in e-commerce Act: Retain records on contracts, payments, and disputes for 5 years.
- Protection of Communication Secrets Act: Retain login records for 3 months.
- Destruction methods:
- Paper records: Shredded or incinerated.
- Electronic files: Completely erased using secure methods.
- Dormant Accounts:
- Users inactive for 12 months will be notified of potential account deactivation. If no response is received, their personal information may be archived and eventually destroyed after the statutory retention period.
Article 5: Provision of Personal Information to Third Parties
- Hsieh does not use or share personal information beyond the scope described without user consent, except in the following cases:
- When required by law for investigative purposes.
- When anonymized data is used for research or statistical analysis.
- Even when required by law, Hsieh ensures that information sharing is conducted responsibly.
Article 6: Access and Modification of Personal Information
- Users can access and modify their personal information through the Hsieh platform. Requests can also be made via email or in writing to the privacy officer.
- Corrections are promptly made, and any third party that received incorrect information is also notified.
Article 7: Withdrawal of Consent
- Users can withdraw consent for personal information collection at any time via the “Withdraw Consent” option on the Website or by contacting the privacy officer. Upon withdrawal, personal information is promptly deleted.
Article 8: Security Measures
Hsieh implements various measures to protect personal information, including:
- Encryption: Important data is encrypted and stored securely.
- Technological Safeguards: Regular updates and monitoring systems protect against unauthorized access, hacking, and viruses.
Article 9: Protection of Minors
Hsieh does not allow children under the age of 14 to sign up without parental consent. If such information is found, legal guardians can exercise their rights to manage or delete the child’s data.
Article 10: Chief Privacy Officer
Chief Privacy Officer:
Name: [Your Privacy Officer’s Name]
Email: [Your Privacy Officer’s Email]
Last Updated: [Date]