Privacy Policy

Duoying (Shenzhen) Supply Chain Co., Ltd. | Version 1.1 | Effective Date: 2026-01-02

Duoying (Shenzhen) Supply Chain Co., Ltd. (“we”, “us”, or “our”) respects data privacy and is committed to protecting relevant personal information and business data processed in connection with our ERP system and related services supporting authorized e-commerce and TikTok Shop operations.

1. Scope

This Privacy Policy describes how we collect, use, process, store, share, and protect data in connection with our ERP system and related services.

2. Data We May Process

• Store information
• Product information
• Order information
• Fulfillment and logistics information
• After-sales and customer service related information
• Account authorization information
• System logs and technical information
• Limited personal information contained in order or service records, where applicable

We only collect and process the minimum data necessary to provide the relevant services and perform authorized business functions.

3. How We Use Data

• Order management and synchronization
• Fulfillment and logistics coordination
• Customer service and after-sales support
• Store operations management
• System maintenance, troubleshooting, and security protection
• Compliance with applicable legal obligations
• Other authorized and legitimate business purposes related to our services

4. Data Storage and Hosting

Relevant business data may be processed and stored using Amazon Web Services (AWS) cloud infrastructure located in the United States.

5. Data Security

• Restricting access to authorized personnel only
• Applying least-privilege access principles
• Using HTTPS/TLS to protect data in transit where applicable
• Enabling MFA for important administrative accounts
• Applying encryption at rest within applicable AWS storage services
• Maintaining logging, monitoring, and timely patching as appropriate

6. Data Sharing

We do not sell relevant personal information or business data.

We may share data only in limited circumstances, such as:

• With authorized service providers supporting our systems or operations, including cloud hosting providers such as AWS
• When required by applicable law, regulation, legal process, or government request
• When necessary to protect our legal rights, systems, users, or business operations
• With authorization or consent where applicable

7. Data Retention

We retain relevant data only for as long as necessary to fulfill the purposes described in this Policy, to provide our services, or to comply with applicable legal or operational requirements.

8. Data Rights and Requests

Where applicable, individuals may request access to, correction of, or deletion of relevant personal information, subject to applicable law and verification of the request.

To submit a privacy or data-related request, please contact us at: dygyltt@126.com

9. International Processing

Because our cloud infrastructure may be located in the United States, relevant data may be stored or processed outside the country or region from which it originates, subject to reasonable security and access controls.

10. Policy Updates

We may update this Privacy Policy from time to time based on business, technical, or legal requirements.

11. Contact Us

If you have questions about this Privacy Policy or our data handling practices, please contact us at: dygyltt@126.com