Privacy Policy
We are committed to protecting your personal data and respecting your privacy rights in compliance with the EU General Data Protection Regulation (GDPR) and applicable U.S. privacy laws.
Overview & Scope
This Privacy Policy applies to TouchTech Solutions Co., Ltd. ("we," "us," or "our"), a professional custom touch screen manufacturer based in China, serving customers primarily in the European Union and the United States. This policy governs how we collect, use, store, and protect personal data when you interact with our website, products, and services.
We are committed to complying with the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws. By using our website or engaging our services, you acknowledge the practices described in this policy.
Data Security
Industry-standard encryption & access controls
Your Rights
Full GDPR & CCPA rights respected
Transparency
Clear & lawful data processing purposes
Data We Collect
We collect only the minimum personal data necessary to provide our services. The categories of data we may collect include:
Contact & Identity Data
- Full name and job title
- Business email address
- Phone number
- Company name and address
Technical & Usage Data
- IP address and browser type
- Pages visited and time on site
- Referring URL and device type
- Cookie identifiers
Business & Transaction Data
- Inquiry and order details
- Product specifications and requirements
- Communication records
- Payment and shipping information
Marketing Data
- Newsletter subscription preferences
- Industry and product interests
- Communication preferences
- Trade show & event participation
Legal Basis for Processing (GDPR)
Under the EU GDPR (Article 6), we process personal data only when we have a valid legal basis. The following grounds apply to our data processing activities.
Contractual Necessity
Processing is necessary to perform a contract with you or to take steps at your request before entering into a contract -- for example, processing your OEM/ODM order or customization inquiry.
Legitimate Interests
We process data where it is in our legitimate interests to do so and not overridden by your data protection interests -- such as improving our website, preventing fraud, and managing our business relationships.
Consent
Where we rely on your consent -- such as for marketing emails or non-essential cookies -- you have the right to withdraw your consent at any time without affecting the lawfulness of prior processing.
Legal Obligation
Processing is necessary to comply with applicable laws and regulations, including export control regulations, tax obligations, and anti-money laundering requirements.
How We Use Your Data
We use the personal data we collect for the following specific purposes:
Order Processing
Managing and fulfilling custom touch screen orders and OEM/ODM projects
Customer Support
Responding to inquiries, technical support, and after-sales service
Product Development
R&D improvements based on customer feedback and market demands
Marketing & Communications
Sending relevant product updates and industry news (with consent)
Legal Compliance
Meeting export control, trade, and regulatory requirements
Website Analytics
Analyzing site usage to improve user experience and content relevance
Data Sharing & International Transfers
We do not sell, rent, or trade your personal data. We may share your data with trusted third parties only under the following circumstances:
Service Providers & Processors
We engage third-party service providers (e.g., logistics, payment processors, CRM platforms) who process data on our behalf under strict data processing agreements compliant with GDPR Article 28.
Business Partners & Distributors
Where you are an authorized agent or distributor, we may share relevant data with our regional partners to facilitate order fulfillment and customer service.
Legal & Regulatory Authorities
We may disclose data when required by law, court order, or government authority, including for customs, export control, and trade compliance purposes.
International Data Transfers
As a China-based company serving EU and U.S. customers, we transfer personal data internationally. For EU residents, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission and implement appropriate technical and organizational safeguards to ensure your data receives an equivalent level of protection.
Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, and reporting requirements.
| Data Category | Retention Period | Legal Basis |
|---|---|---|
| Customer & Order Records | 7 years | Legal Obligation |
| Contract & Transaction Data | 7 years | Legal Obligation |
| Marketing & Consent Records | Until withdrawal + 3 years | Consent |
| Website Analytics Data | 26 months | Legitimate Interest |
| Inquiry & Support Records | 3 years after last contact | Legitimate Interest |
Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal data under GDPR (EU residents) and CCPA (California residents):
Right to Access
Request a copy of the personal data we hold about you.
Right to Rectification
Request correction of inaccurate or incomplete data.
Right to Erasure
Request deletion of your personal data ("right to be forgotten").
Right to Object
Object to processing based on legitimate interests or for direct marketing.
Right to Portability
Receive your data in a structured, machine-readable format.
Right to Restrict
Request restriction of processing in certain circumstances.
How to exercise your rights: Submit a request to [email protected]. We will respond within 30 days (GDPR) or 45 days (CCPA). You also have the right to lodge a complaint with your local data protection authority.
Data Security
We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, in accordance with GDPR Article 32.
TLS/SSL encryption for all data transmission
Access controls and role-based permissions
Regular security audits and penetration testing
Data breach response plan and 72-hour notification
Staff data protection training and awareness programs
Secure data centers with physical access controls
Important Notice: While we implement robust security measures, no method of transmission over the Internet is 100% secure. We encourage you to use secure connections and protect your account credentials. In the event of a data breach affecting your rights, we will notify you as required by applicable law.
Contact & Data Protection Officer
For any questions about this Privacy Policy, to exercise your data rights, or to report a privacy concern, please contact us through the following channels:
Company Information
YouFineTech(ShenZhen) Co., Ltd.
Room A1037, Blocks A&B, New Energy Building, No. 2239 Nanhai Avenue, Nanguang Community, Nanshan Sub-district, Nanshan District
Shenzhen, Guangdong, China 518000
Data Protection Officer (DPO)
Privacy & Compliance Team
Designated DPO for GDPR matters
Response time: within 30 days (GDPR) / 45 days (CCPA)
Policy Updates
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of material changes by posting the new policy on this page with an updated "Last Updated" date, and where required by law, by sending you a direct notification. We encourage you to review this policy periodically.