1. INTRODUCTION
This Privacy Policy explains how UOrderVeri (“we,” “us,” or “our”) collects, uses, discloses, and safeguards your personal data when you visit our website (the “Site”) or use our services, which include factory inspection, product quality verification, social compliance audits, and related consulting for overseas buyers sourcing from China.
We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) (EU) 2016/679, the UK GDPR, and other relevant privacy frameworks.
2. DATA CONTROLLER
For the purposes of the GDPR, we are the data controller of your personal data.
3. PERSONAL DATA WE COLLECT
We may collect and process the following categories of personal data:
- Identity and contact data: Name, job title, company name, email address, telephone number, billing address, and shipping address.
- Account data: Username and password (if you create an account on our Site), communication preferences.
- Transaction data: Details about payments to and from you, inspection/audit reports requested, service history.
- Technical data: IP address, browser type and version, time zone setting, browser plug-in types, operating system and platform, device identifiers.
- Usage data: Information on how you use our Site, including pages visited, clickstream data, and download history.
- Communications data: Your correspondence with us via email, contact forms, or live chat.
Where you provide us with personal data of third parties (e.g., your colleagues or agents), you warrant that you have obtained their consent or are otherwise authorised to share such data with us.
4. HOW WE COLLECT YOUR PERSONAL DATA
We collect data by:
- Direct interactions: You give us your data when you fill in forms, request quotes, place orders, subscribe to newsletters, or contact us.
- Automated technologies: As you interact with our Site, we automatically collect technical and usage data via cookies, server logs, and similar technologies.
- Third-party sources: We may receive data from analytics providers (e.g., Google Analytics), payment processors, or business partners (e.g., trade platforms where you found us).
5. LEGAL BASIS AND PURPOSES FOR PROCESSING
Under the GDPR, we process your personal data only where we have a legal basis:
| Purpose | Legal Basis |
|---|---|
| To provide inspection, audit and consulting services | Performance of a contract with you or to take steps at your request prior to entering a contract |
| To process payments and invoices | Performance of a contract / Legitimate interests (to recover debts due) |
| To manage your account and our relationship | Performance of a contract / Legal obligation (e.g., record‑keeping) |
| To respond to your inquiries and customer support | Legitimate interests (to provide efficient service) / Performance of a contract |
| To improve our website and services | Legitimate interests (to develop our business and enhance user experience) |
| To comply with legal and regulatory obligations | Legal obligation (e.g., anti‑fraud, tax, customs laws) |
| To send marketing communications (only with your consent) | Consent (you may withdraw at any time) |
6. COOKIES AND TRACKING TECHNOLOGIES
Our Site uses strictly necessary cookies, functional cookies, and analytics cookies. For non‑essential cookies (e.g., marketing cookies), we obtain your prior consent via a cookie consent banner.
You may disable cookies through your browser settings, but this may affect the functionality of the Site. For detailed information, please see our [Cookie Policy] – available upon request.
7. DATA SHARING AND DISCLOSURES
We do not sell or rent your personal data. We may share your data with:
- Service providers: Third parties who help us operate our business, such as IT hosting, payment gateways (e.g., PayPal, Stripe), email distribution platforms, and document management systems. All processors are contractually bound to process data only on our instructions and to maintain GDPR‑level security.
- Professional advisors: Lawyers, auditors, insurers, and accountants where necessary for legitimate business purposes.
- Law enforcement or regulators: If required by law, court order, or to protect our rights, property, or safety, or that of our customers or others.
- Business transfers: In the event of a merger, sale, or reorganisation, your data may be transferred to the new owner, subject to the same privacy commitments.
All third‑country data transfers (including to our processors outside the EEA/UK) are safeguarded by Standard Contractual Clauses (SCCs) adopted by the European Commission or equivalent mechanisms.
8. INTERNATIONAL DATA TRANSFERS
We are based in China. If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, your personal data will be transferred to China and possibly to other countries where our sub‑processors are located.
China has not received an adequacy decision from the European Commission. Therefore, we implement appropriate safeguards such as the EU Standard Contractual Clauses to ensure that your data is protected to GDPR standards. You may request a copy of these safeguards by contacting us at [info@uorderveri.com].
9. DATA RETENTION
We retain your personal data only for as long as necessary to fulfil the purposes we collected it for, including satisfying any legal, accounting, or reporting requirements.
- Transaction data (inspection reports, invoices) – 7 years after the end of the financial year (to comply with tax and commercial laws).
- Account and contact data – 3 years after your last interaction with us, unless you delete your account earlier.
- Marketing data (with consent) – until you withdraw consent or unsubscribe.
After retention expires, we securely delete or anonymise your data.
10. YOUR DATA PROTECTION RIGHTS
Under the GDPR, you have the following rights (subject to certain legal exceptions):
- Right to access – obtain a copy of your personal data.
- Right to rectification – correct inaccurate or incomplete data.
- Right to erasure (“right to be forgotten”) – request deletion of your data.
- Right to restrict processing – limit how we use your data.
- Right to data portability – receive your data in a structured, machine‑readable format.
- Right to object – object to processing based on legitimate interests or direct marketing.
- Right to withdraw consent – at any time, without affecting the lawfulness of processing before withdrawal.
- Right to lodge a complaint – with your local supervisory authority (e.g., ICO in the UK, or your EU data protection authority).
To exercise any of these rights, please contact us at info@uorderveri.com. We will respond within one month.
11. DATA SECURITY
We implement appropriate technical and organisational measures to protect your personal data from accidental loss, unauthorised access, alteration, or disclosure. These include SSL encryption, access controls, firewalls, regular malware scans, and employee training. However, no internet transmission is 100% secure, and we cannot guarantee absolute security.
12. CHILDREN’S PRIVACY
Our Site and services are not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us so we can delete it.
13. THIRD‑PARTY LINKS
Our Site may contain links to third‑party websites (e.g., payment gateways or trade platforms). This Privacy Policy does not apply to those sites. We are not responsible for their privacy practices; please read their policies before providing any data.
14. CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy from time to time. The updated version will be indicated by an amended “Last updated” date. Material changes will be notified to you by email or a prominent notice on our Site before they become effective.
15. CONTACT US
If you have any questions about this Privacy Policy, your data rights, or wish to make a complaint, please contact our Data Protection Officer (DPO) (if appointed) or our privacy team:
- Email: info@uorderveri.com
For EU/UK representatives (if required under GDPR Article 27), we will appoint a representative in the EU and UK and update this section accordingly. Please check with us for current details.
