Privacy Policy — TOPONE CHAIN (Xintai Taida Mirso Co., LTD)-Blog-TOPONE Chain Lifting

Last Updated: 2025-08-14

Website: https://www.lifting-chain.com/
Legal Entity (Data Controller): Xintai Taida Mirso Co., LTD
Contact (privacy): [email protected]

This Policy explains how we collect, use, disclose, and protect personal data when you visit our Website, request a quote, place an order, or interact with us. It follows the EU/UK GDPR principles and includes regional notices for Canada (PIPEDA) and other applicable laws.

1) Scope & Roles

Applies to: visitors, prospects, customers, suppliers, and business contacts who access or use our Website or communicate with us by email, phone, or forms.
Controller: Xintai Taida Mirso Co., LTD determines purposes and means of processing.
Processors: We use vetted service providers for hosting, analytics, payments, shipping, CRM, and marketing communication under written data-processing agreements.

2) What Data We Collect

We collect only what we need for the purposes below.

A. You provide:

Identification & contact: name, company, role, email, phone, country/region, VAT/Tax ID.
Business details: inquiry content, purchase orders, shipping info, after-sales records.
Account/portal data (if enabled): usernames, access logs.
Communications: emails, messages, call notes, support tickets.

B. Collected automatically (when you visit):

Device & usage: IP address, browser/OS, language, referring/exit pages, time stamps, pages viewed, clicks.
Cookies/SDKs: strictly necessary cookies; with consent, performance/analytics and functional cookies. See Cookie Notice .

C. From third parties (B2B context):

Logistics & payment partners (transaction confirmation, delivery status).
Public business registries or trade databases (to verify business identity and prevent fraud).

We do not seek special-category data (e.g., health, religion). Please do not submit such data.

3) Why We Use Your Data (Purposes) & Legal Bases (GDPR)

Purpose	Examples	Legal Basis
Respond to inquiries & provide quotes	RFQs, product specs, WLL tables, certifications	Contract or pre-contractual steps
Process orders & deliver	Invoicing, payment processing, logistics, returns	Contract, Legal obligation (tax)
Customer support & warranty	Technical guidance, inspection records	Contract, Legitimate interests
Improve Website & products	Aggregate analytics, performance metrics	Consent (for non-essential cookies), Legitimate interests (security)
Security & fraud prevention	Access logs, abuse detection, sanctions screening	Legitimate interests, Legal obligation
Marketing to business contacts	Product updates, show invitations, newsletters	Consent (where required) or Legitimate interests with opt-out

4) Sharing & Disclosure

We share data only as necessary, under contractual safeguards:

Hosting & IT/security providers (infrastructure, backup, DDoS protection).
Analytics & performance tools (aggregated usage metrics; only with consent where required).
Payment & invoicing processors (we do not store full card details on our servers).
Logistics & customs partners (shipping, delivery, import/export compliance).
Professional advisors (accounting, legal, audit).
Authorities where required by law or to protect our rights or users.

We do not sell personal data.

5) International Transfers

We operate globally. When data leaves your jurisdiction, we protect it via:

EU/UK Standard Contractual Clauses (SCCs)/IDTA with processors outside the EEA/UK.
Supplementary measures (encryption in transit/at rest, access controls).
Data minimization and purpose limitation.

6) Retention

We keep data only as long as needed:

Quotes/communications: up to 24 months after last contact (unless you ask us to delete earlier).
Contracts, orders, invoices: for the statutory period (e.g., 7–10 years, depending on local law).
Log files & security events: typically 12–24 months.
When retention ends, we delete or irreversibly anonymize data.

7) Your Rights

EU/UK (GDPR): access, rectification, erasure, restriction, portability, and objection; withdraw consent at any time (does not affect prior processing). You can lodge a complaint with your local Data Protection Authority.

Canada (PIPEDA): access and request correction; ask about our use and disclosure of your information; withdraw consent subject to legal/contractual limits.

How to exercise: email [[email protected]] with your request and enough information to verify identity. We respond within statutory timeframes.

8) Security

We implement administrative, technical, and physical safeguards, including: HTTPS/TLS, restricted access, role-based controls, MFA for admin accounts, encrypted backups, vulnerability management, and employee confidentiality commitments. No method is 100% secure; we continuously improve our controls.

9) Marketing Communications

We send B2B product updates and event invitations to business contacts who consented or where local law permits legitimate-interest B2B outreach. You can unsubscribe anytime via the email footer or by contacting us. We honor local rules (e.g., EU ePrivacy/soft opt-in, Canada anti-spam requirements).

10) Cookies & Similar Technologies

Strictly necessary cookies run to deliver pages, remember cart/quote sessions, and secure forms.
Analytics/Performance cookies run only with consent where required; we use aggregated metrics to improve speed and navigation.
Functionality cookies remember language/region.
Advertising cookies are not used unless we present a dedicated consent choice in specific regions.

Managing cookies: use our cookie banner preferences and your browser settings. See our separate Cookie Notice for a current list of cookies, providers, and lifetimes. If you disable non-essential cookies, the Website still functions but some features may work differently.

11) Children

Our Website targets business users. We do not knowingly collect data from children. If you believe a child provided data, contact us to delete it.

12) Third-Party Links

Our pages may link to third-party sites (e.g., YouTube test videos, standards). Those sites have their own privacy policies. Please review them before submitting data.

13) Changes to This Policy

We update this Policy when our practices or laws change. We post a new “Last Updated” date and, if changes are material, we provide additional notice (e.g., banner or email where appropriate).

14) Contact Us

Data Controller: Xintai Taida Mirso Co., LTD
Brand: TOPONE CHAIN
Website: https://www.lifting-chain.com/
Email:[email protected]
Address: No.19,industrial park, taiancity, Shandong province, China
EU/UK Representative (if applicable under GDPR Art. 27): [Name, address, email]

Regional Addendum (Summary)

EU/UK GDPR: We rely on contract, consent, legitimate interests, and legal obligations. You may contact your local Supervisory Authority to lodge a complaint.
Canada (PIPEDA): We collect, use, and disclose information for reasonable business purposes identified in this Policy. You can request access and correction.
Other jurisdictions: We apply equivalent safeguards and honor local rights where applicable.

This document provides general information and does not constitute legal advice. Before publishing, please review with counsel to ensure it reflects your actual data flows, cookie vendors, and local requirements (e.g., EU/UK representative, Canada anti-spam (CASL) notices).

Privacy Policy — TOPONE CHAIN (Xintai Taida Mirso Co., LTD)