1. Legal Compliance

1. • We comply with the Personal Data (Privacy) Ordinance (Cap. 486) of Hong Kong and align with GDPR (EU) standards where applicable.
   • We also observe local data protection regulations in the jurisdictions where we operate.

2. Data We Collect

1. • Personal identifiers (name, contact details, shipping address).
   • Payment information (processed via secure third parties).
   • Browsing and usage data (cookies, analytics).
   • Affiliate/referral identifiers (if applicable).

3. Purpose of Collection

1. • To process and fulfill orders.
   • To manage memberships and affiliate accounts.
   • To send marketing updates with prior consent.
   • To comply with legal obligations.

4. Data Sharing

1. • Shared only with logistics, payment processors, and operational partners as necessary.
   • We do not sell or commercially disclose personal data to third parties.

5. International Transfers

• • Data may be stored or processed outside Hong Kong under strict security standards.

6. Data Retention & Security

1. • Retention is limited to legal and operational requirements.
   • Security measures include SSL encryption, secure hosting, and role-based access control.

7. Your Rights (PDPO & GDPR)

1. • Right to access and correct personal data.
   • Right to withdraw consent.
   • Right to request deletion where legally permissible.
   • Right to lodge a complaint with the Hong Kong Privacy Commissioner for Personal Data.

8. 联络

For privacy matters, contact: support@laiyibiotech.com.

—