WestMonth Privacy Policy

Version: November 2024 Edition
Latest Revision Date: November 8, 2024
Effective Date: November 8, 2024

We highly value the security and privacy of your personal information. In compliance with applicable laws and regulations, we implement appropriate security measures to protect your personal information. Accordingly, we have established this Privacy Policy to explain how we collect, use, process, store, share, and transfer your personal information and critical data when you visit our website or use our services.

Please note that this Privacy Policy applies to all services provided by WestMonth through our website (including client apps, mini-programs, and future technological developments). It does not apply to services provided by third parties, which are governed by their respective privacy policies.

Before using WestMonth’s services, please read this Privacy Policy carefully, particularly the bolded clauses, to ensure full understanding and consent. By using our services or continuing to use them after updates to this policy (we will notify you of changes), you agree to the terms herein, including any revised versions, and authorize us to collect, use, store, and share your information as described.

This Privacy Policy covers the following:

1. Types of Personal Information We Collect
2. How We Use Your Personal Information
3. How We Share, Transfer, and Disclose Your Personal Information
4. How We Protect Your Personal Information
5. How You Can Manage Your Personal Information
6. How We Handle Minors’ Information
7. Global Transfer of Your Information
8. Updates to This Privacy Policy

1. Types of Personal Information We Collect

"Personal information" refers to any data recorded electronically or otherwise that can identify a specific individual or reflect their activities, excluding anonymized data. This includes:

• Basic information (name, date of birth, gender, address, phone number, email)
• Identity information (ID card, passport, driver’s license)
• Biometric data (voiceprints, facial recognition features)
• Online identifiers (account details, IP address, digital certificates)
• Financial information (transaction records, account balances)
• Browsing history (webpage visits, software usage, clicks)
• Device information (hardware model, MAC address, OS type, unique device identifiers)

(1) Personal Information You Provide

When registering or using our services, you may provide:

• Name, nationality, address, phone number, email
• Identity documents, payment/bank details, contact information

This information remains authorized for use until you delete your account.

(2) Third-Party Information You Provide

In certain cases (e.g., dropshipping or delegated payments), you may provide third-party details (e.g., recipient names, phone numbers, payment accounts). You must ensure you have obtained legal consent from these individuals before sharing their information. For children’s data, guardian consent is required.

(3) Information Generated During Service Use

We may automatically collect:

• Log data (IP address, browser type, device information)
• Usage records (browsed products, downloads, transactions)
• Order details (purchase history, payment records, shipping info)

(4) Information Collected by Third-Party Partners

For specific functions (e.g., identity verification), we use SDKs from authorized partners (e.g., Tianju Dihé Technology for real-name authentication). These partners may collect:

• Names, ID numbers, business licenses (for enterprises)
• Mobile numbers (for verification)

Their data practices are governed by their own privacy policies, which we recommend reviewing.

2. How We Use Your Personal Information

(1) Primary Uses

• Account registration & identity verification
• Product display & personalized recommendations
• Order processing, payment, and delivery
• Customer service & dispute resolution
• Security & fraud prevention

(2) Exceptions Where Consent Is Not Required

We may use data without consent for:

• National security, public health, or legal compliance
• Protecting life/property in emergencies
• Publicly available or anonymized data

(3) Usage Rules

• We will seek consent for new purposes or indirect data collection.
• Anonymized data may be used for analytics/improvements.
• If services terminate, we will delete or anonymize your data.

3. Sharing, Transfer, and Disclosure

(1) Sharing

We may share data with:

• Third-party vendors (payment processors, logistics, suppliers)
• Legal/regulatory authorities (when required)
• Affiliates (for account security or service improvements)

(2) Transfer

Your data may be transferred during mergers/acquisitions, subject to this policy.

(3) Disclosure

We may disclose information:

• With your explicit consent
• To address violations of laws/platform rules

4. Data Protection Measures

• Encryption (SSL/HTTPS), access controls, and staff training
• Data retention per legal requirements (e.g., 3 years for e-commerce records)
• Prompt deletion/anonymization after retention periods
• Incident response protocols for breaches

5. Your Rights

• Access/correct your data via account settings or customer support.
• Request deletion if processing violates laws or agreements.
• Account deactivation (note: this terminates service access).
• Objections/restrictions may apply in certain legal contexts.

6. Minors’ Information

• Users are presumed competent for e-commerce activities.
• Minors must obtain guardian consent before using services.
• Children’s data is processed only with guardian approval.

7. Global Data Transfers

• Primary storage is in China, except for cross-border transactions or legal requirements.
• Transfers outside your jurisdiction comply with applicable laws (e.g., data protection agreements).

8. Policy Updates

• Changes will be announced on our website.
• Continued use after updates implies acceptance.
• Material changes (e.g., new data uses) will require re-consent.