Privacy Policy
Last updated: November 12,2025
Key Summary
Thank you for choosing Zosi products and services. We fully understand the importance of your personal information and are committed to protecting it. This Privacy Policy clearly explains how we collect, use, store, share, and protect your personal information when you use our products and services, and informs you how to exercise your rights.
· Collected information: To enable business functions, we may collect your order information, contact information, payment information (processed by a licensed payment institution), device information, and browsing behavior.
· Information Use: We will process your information based on legal grounds such as contract performance, obtaining your consent, complying with legal obligations, or our legitimate business interests, for purposes including order processing, shipping, customer service, product improvement, and marketing promotion with your consent.
· Information sharing: We only share information with service partners such as logistics and payment when necessary, and are bound by contracts. We will never sell your personal information.
· Your rights: You have the right to access, correct, delete, withdraw consent, cancel your account, obtain copies, refuse automated decisions, and file complaints.
· Security: We use encryption and security measures to protect your information
· Contact: If you have any questions, comments or need to exercise your rights, please contact us through the methods provided below. We will respond to your request within the statutory period.
· Scope of Application: This policy applies to websites, mobile applications, and related products and services provided by Zosi (collectively referred to as "Services"). The primary purpose of this policy is to comply with the European Unions General Data Protection Regulation (GDPR), and it applies to our processing of personal information for the purpose of providing goods or services to individuals within the European Union (EU) and the European Economic Area (EEA), or for monitoring their behavior. In the event of any conflict between any provision of this policy and local laws (such as Chinas Personal Information Protection Law), the provisions of the local laws shall prevail.
See below for details.
1. Information about personal information processors
Personal Information Processor: Zosi Registered Address: Room 1003,10/F, Tower 1, Lippo Centre, 89 Queensway, Admiralty, Central & Western District, Hong Kong Contact Email: service@zositech.com Contact Phone: +1 (866) 841-6932
2. How we collect and use your personal information
When you visit our website, we will collect the following information in accordance with the principles of legality, legitimacy and necessity during your use of the Services:
· Personal information: Name, email address, mailing address, phone number, and other information you provide when ordering or registering an account
· Payment information: Payment information required by the payment channel (we do not store full credit card information)
· Device and browsing information: IP address, device type, operating system, unique device identifier (e.g., Androids Advertising ID or iOSs Identifier for Advertisers), browser type and version, network service provider, access time, browsing history, clickstream data, and other information collected through cookies and similar technologies.
· Cookies and tracking technologies: Used for website features, user experience enhancements, and statistical analysis
· Sensitive Information Notice: We will not collect your sensitive personal information (including ID numbers, biometric data, precise location, etc.) unless required by law or with your explicit consent. If collection is necessary, we will clearly inform you of the purpose, method, and potential impact, and obtain your explicit consent. We will not indirectly collect your information through third-party channels unless we have obtained your explicit consent or legal authorization.
3. Information use and legal basis
For processing personal information for legitimate purposes (including but not limited to fraud prevention, product feature improvements, and service optimization), we have completed a Legitimate Interest Assessment (LIA). The assessment includes a justification of the interests legitimacy, its impact on data subject rights, and protective measures. You may request the assessment by contacting us. We process your personal data based on the following legal grounds:
Contract performance:
· Process and complete your order
· Sending you order confirmation and logistics updates
· Provide customer support services
legal advantage :
· Improve our products and services
· Prevent fraud and protect your site
· Website analysis and performance optimization
Your consent:
· If we process your information based on separate consent (e.g., for marketing promotions or non-essential cookies), you may withdraw that consent at any time. The withdrawal does not affect the legality of the processing activities prior to the withdrawal.
· Use cookies for a personalized experience
legal obligation :
· Comply with tax, accounting and other legal and regulatory requirements
· Cooperate with lawful requests from law enforcement agencies
4. Sharing information
We do not sell your personal information. We may share your information with the following third parties:
· Service providers or authorized partners: payment processors, logistics companies, email service providers, cloud storage providers, and other partners who help us run our business
· Legal Requirements: We may disclose information under the following lawful and legitimate circumstances: (1) in accordance with applicable laws of any country or region; (2) upon request by a competent government authority of any country or region; (3) upon instruction from a court in any jurisdiction; or (4) to protect our legitimate rights and interests or to pursue liability for breach of contract by any third party.
· Business transfer: In the event of a company merger, acquisition, or asset sale
All third-party service providers are bound by the contract and can only process your data as instructed. We ensure that overseas recipients have the same level of data protection as we do, or sign standard contracts to bind their protection obligations.
5. International data transfers
As we or our third-party information sharing partners may operate outside the European Economic Area (EEA), your personal data may be transferred to and processed in countries outside the EEA. We will take appropriate safeguards, including:
· Ensure the data recipient provides adequate data protection
· Transfer data across borders only when necessary
· If your personal data is stored in U.S. cloud services such as AWS/Oracle, the service providers have been certified by the Data Privacy Framework (DPF) and comply with cross-border data transfer compliance requirements.
· Use the standard contract clauses (SCC) approved by the European Commission, and conduct a Data Protection Impact Assessment (DPIA) with the recipient before data transfer to ensure compliance with GDPRs cross-border transfer requirements.
· When providing personal information from China to overseas recipients, we will complete cross-border transmission security assessment or sign standard contract filing in accordance with the requirements of Chinas Personal Information Protection Law.
As required by GDPR Article 37, the Companys Data Protection Officer (DPO) independently performs the following duties: monitoring data protection compliance, providing compliance recommendations to management, coordinating with regulatory authorities, and responding to data subject inquiries. For urgent data breach complaints, please contact the DPO via email: DPO@zositech.com
6. Data retention period
We only retain your personal data for as long as necessary:
· Order and transaction data: Retained for 7 years from the date of order completion for tax and legal compliance purposes
· Account data is retained for the duration of your account and for 30 days after account closure.
· Marketing data: Use will stop immediately after you withdraw consent. Records will be retained for 2 years.
· Cookies and analytics data: Retained for up to 12 months
· Customer service records: Retain for 3 years
You may request the deletion of your data at any time, but we may retain certain information to fulfill legal obligations. Where applicable laws require longer retention periods (e.g., tax or compliance retention requirements), we will comply with those statutory deadlines. Upon expiration of the retention period or completion of the processing purpose, we will legally delete or anonymize your personal information. For users who have canceled their accounts, we will complete the deletion within 30 days. After data deletion or anonymization, we will ensure that third-party partners also delete or cease processing such information.
7. Data Security
We take reasonable technical and organizational measures to protect your personal information, including:
· SSL/TLS encrypted transfer
· Data access control and authentication
· Regular security audits and vulnerability scans
· Employee data protection training
· Secure data storage and backup
· Data breach notification (in the event of or potential occurrence of personal information leakage, tampering, loss, or other security incidents, we will immediately activate the emergency response plan and: assess the impact of the incident; take remedial measures; report to the competent regulatory authorities such as the Cyberspace Administration of China or the regulatory authorities of EU member states in accordance with the law; and notify affected users via email, push notifications, etc.)
We have established a dedicated data security management organization and an internal access approval mechanism to continuously monitor and improve data security measures. However, please note that no Internet transmission method is 100% secure.
8. Your GDPR rights
Under the GDPR, you have the following rights:
Access: You have the right to obtain a copy of your personal data held by us
Right to Rectification: You have the right to request the correction of inaccurate or incomplete personal data.
Right to be forgotten: In certain circumstances, you have the right to request the deletion of your personal data
Data processing restrictions: You have the right to request restrictions on the processing of your personal data
Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transfer this data to another controller.
Right to object: You have the right to object to data processing based on legitimate interests or direct marketing purposes
Withdraw consent: If processing is based on your consent, you can withdraw it at any time without affecting the legality of the processing prior to withdrawal.
Complaints: You have the right to file a complaint with the data protection authority
Right to explain: requires us to explain the rules for processing personal information
Account cancellation: request to delete or cancel the account
Inheritance: After the death of a natural person, his or her close relatives may exercise the right to access, correct, delete, etc. according to law
How to exercise your rights: Please email us at [your email address] with your request type (e.g., "Data Access Request" or "Data Deletion Request") in the subject line. To protect your data security, we may require additional information to verify your identity. We typically respond to your requests within one month. For complex or numerous requests, this period may be extended by two months, and we will notify you of the reasons for the extension. We will not charge you for exercising your rights unless there is a valid reason.
9. Cookie Policy
We use the following types of cookies:
· Required cookies: To ensure the website works properly (no consent required)
· Feature Cookies: Remember your preferences
· Analyze cookies: helps us understand how websites are used
· Marketing cookies: Used for personalizing ads (requires your consent)
Your cookie preferences will be stored for 6 months, allowing you to modify or withdraw them at any time. You can manage your cookie preferences through browser settings, though this may affect certain website features. You can also adjust your consent preferences via our cookie banner. To withdraw consent: You can disable non-essential cookies in browser settings. This withdrawal wont affect previously used cookies based on valid consent.
10. Automated decision-making
We do not use fully automated decisions (including user profiles) to make decisions that have legal effect or similar significant impact on you. If personalized recommendations, automated pricing, or other activities are required in the future, we will inform you in advance and provide an "opt out" option.
11. Third-party links
Our website may contain links to third-party sites. We are not responsible for their privacy practices and recommend that you review their privacy policies.
12. Children ' s privacy
Our services are not intended for children under 14 in China or under 16 in the European Union. We do not intentionally collect personal information of children. If you are a parent or guardian and believe that your child has provided personal information to us, please contact us immediately, and we will take measures to delete such information. If we find that we have collected information of children below the legal minimum age without verifiable parental consent, we will immediately take measures to delete such information from the records.
13. Unsubscribe to marketing communications
You can unsubscribe from marketing emails by:
· Click the unsubscribe link at the bottom of each marketing email
· Sign in to your account and update your communication preferences
· Send an email to [Your Email] to request cancellation
After unsubscribing, you will still receive necessary communications related to your order.
14. Policy updates
We may update this Privacy Policy from time to time. We will notify you of major changes in advance through website announcements or email.
Major changes include but are not limited to:
· Major changes in the purpose, method or type of personal information processed;
· Changes in third-party shared objects or cross-border transmission mechanisms;
· User rights exercise method or contact information change.
Major changes will be notified to you through the following methods:
· Post a notice on the website
· Notify by email (if applicable)
· Update the "Last updated" at the top of the page
We encourage you to review this policy regularly for the latest information.
15. Other Terms
This Privacy Policy may be available in multiple languages. If the service you use involves multiple jurisdictions, the English version shall prevail. Other language versions are for reference only. In case of conflicts between language versions, the English version shall take precedence. If you have any questions about the language version, please contact customer service for clarification.
16. Contact Us
If you have any questions about this Privacy Policy, need to exercise your rights, or need to file a complaint, please contact us through the following methods:
Personal Information Processor: Zosi Email: service@zositech.com Address: Room 1003,10/F, Tower 1, Lippo Centre, 89 Queensway, Admiralty, Central & Western District, Hong Kong Phone: +1 (866) 841-6932