Effective Date: April 10, 2026
Data Controller: Wenzhou Wimach Machinery Co Ltd
This Privacy Policy governs how Wenzhou Wimach Machinery Co Ltd (“we”, “us”, “our”) collects, uses, stores, shares, and protects your personal data solely when you visit our international website www.wimach.cn
This policy applies to all individual visitors accessing and using this website. We are committed to complying with applicable global data protection laws, including the EU General Data Protection Regulation (GDPR), UK GDPR, California Consumer Privacy Act (CCPA/CPRA), and other relevant regional data protection regulations.
1. What Personal Data We Collect
We only collect personal data that is necessary for the operation and service of this website, as outlined in this policy. We collect data in the following scenarios:
1.1 Data You Voluntarily Provide to Us
Website Form Submissions: Full name, job title, company name, business address, email address, phone number, country/region, and any other information you voluntarily submit through this website.
1.2 Data We Collect Automatically
When you visit our website, we may automatically collect non-identifiable and limited identifiable data via cookies and similar tracking technologies when you browse this website, including:
– IP address, browser type and version, device type, operating system, and language settings.
– Website access time, pages visited, time spent on each page, referral source URL, and clickstream data.
– Website performance and error reporting data to optimize our site functionality and user experience.
– Server log files data, which is automatically transmitted by your browser to our website server for technical operation of the site.
2. Legal Bases for Processing (GDPR/UK GDPR Compliance)
We process your personal data via this website only on the following legal bases under the GDPR and UK GDPR:
– Consent (Art. 6(1)(a) GDPR): For processing non-essential cookies, newsletter subscriptions, and any other processing where you have provided explicit opt-in consent via this website. You have the right to withdraw your consent at any time.
– Pre-contractual Measures (Art. 6(1)(b) GDPR): For processing data submitted via our website inquiry/quote forms, to respond to your requests and take steps at your request prior to entering a contract.
– Legitimate Interests (Art. 6(1)(f) GDPR): For processing necessary for website security, technical operation, error reporting, and anonymous analytics to improve website user experience, where our legitimate interests do not override your fundamental rights and freedoms.
– Legal Obligation (Art. 6(1)(c) GDPR): For processing required to comply with applicable legal, regulatory, or judicial obligations to which we are subject.
3. Sharing of Your Personal Data
We do not sell, rent, or trade your personal data to third parties for commercial purposes. We only share your personal data in limited circumstances, with strict data protection safeguards:
– With third-party service providers that assist in the operation, maintenance, and optimization of this website (including website hosting providers, analytics tools, consent management platforms, and form processing services), bound by strict data processing agreements.
– When required by applicable law, court order, or governmental request, or to protect our legitimate legal interests.
– With your explicit, written consent obtained via this website.
4. International Data Transfers
All international data transfers will be conducted in compliance with applicable data protection laws, with appropriate safeguards in place, including:
– For transfers to the European Economic Area (EEA)/UK: transfers to countries deemed to have an adequate level of data protection by the European Commission/UK Government.
– For transfers to non-adequate countries: use of the European Commission’s Standard Contractual Clauses (SCCs), UK International Data Transfer Agreements (IDTAs), or other legally recognized data transfer mechanisms.
– Binding data protection agreements with all third-party recipients to ensure the security and confidentiality of your data.
– For transfers to the United States: we only transfer data to service providers certified under the EU-US Data Privacy Framework, where an adequacy decision under Art. 45 GDPR is in place.
5. Data Retention
We will only retain your personal data for the minimum period necessary to fulfill the purposes for which it was collected. At the end of the retention period, we will securely delete, anonymize, or irreversibly pseudonymize your personal data in accordance with applicable law.
– Data submitted via website forms: retained for a maximum of 12 months from the date of your last interaction, unless a longer retention period is required by law.
– Automatically collected website analytics data: retained for a maximum of 26 months, after which it is anonymized.
– Cookie data: retained for the period specified in our cookie consent banner, up to a maximum of 12 months for necessary cookies.
6. Your Data Subject Rights
Depending on your country/region of residence, you have the following rights under applicable data protection laws, subject to applicable exemptions and limitations:
6.1 Rights Under GDPR/UK GDPR (EEA & UK Residents)
– Right of Access: The right to request confirmation that we are processing your personal data, and to access a copy of your personal data and related processing details.
– Right to Rectification: The right to request correction of inaccurate or incomplete personal data we hold about you.
– Right to Erasure: The right to request deletion of your personal data, where the data is no longer necessary, you withdraw consent, you object to processing, or processing is unlawful.
– Right to Restriction of Processing: The right to request restriction of processing of your personal data, where the accuracy of the data is contested, processing is unlawful, or we no longer need the data.
– Right to Data Portability: The right to receive your personal data in a structured, machine-readable format, and to transmit that data to another controller, where processing is based on consent or contract.
– Right to Object: The right to object to processing of your personal data based on our legitimate interests, including direct marketing, at any time.
– Right to Withdraw Consent: The right to withdraw any consent you have provided for processing of your personal data.
6.2 Rights Under CCPA/CPRA (California Residents)
– Right to Know: The right to request disclosure of the categories and specific pieces of personal data we collect, use, share, or disclose about you.
– Right to Delete: The right to request deletion of your personal data we hold, subject to applicable exceptions.
– Right to Opt-Out: The right to opt out of the “sale” or “sharing” of your personal data (we do not sell your personal data, and only share it as outlined in this policy).
– Right to Non-Discrimination: The right to not receive discriminatory treatment for exercising your privacy rights.
6.3 How to Exercise Your Rights
You may exercise any of the above rights by contacting our Data Protection team using the contact details listed in Section 12 of this policy. We will respond to all valid, verifiable requests within the timeframe required by applicable law (typically 1 month for GDPR requests, 45 days for CCPA requests), and will not charge you for reasonable requests unless they are excessive, repetitive, or manifestly unfounded.
6.4 Right to Lodge a Complaint
You have the right to lodge a complaint with a competent data protection supervisory authority in your country/region of residence, if you are dissatisfied with our response to your request, or our handling of your personal data.
7. Cookies & Similar Technologies
Our website uses cookies and similar tracking technologies to enhance your user experience, analyze website performance, and deliver relevant content. We classify cookies into the following categories:
– Necessary Cookies: Essential for the basic functionality of our website, and cannot be disabled. These enable core features such as page navigation and form submission.
– Analytics Cookies: Help us understand how visitors interact with our website, by collecting and reporting anonymous usage data. These are non-essential and only activated with your consent.
– Functional Cookies: Enhance your user experience by remembering your preferences (e.g. language settings) and personalizing content. These are non-essential and only activated with your consent.
– Marketing Cookies: Used to deliver personalized advertisements relevant to you via this website and third-party platforms. These are non-essential and only activated with your consent.
You can manage or disable non-essential cookies through our website cookie consent banner, or via your browser settings. You can find instructions on how to manage cookies in the official support pages of your browser provider.
8. Children’s Privacy
Our website, products, and services are intended for business use only, and are not directed at children under the age of 16. We do not knowingly collect or process personal data from children under 16. If we become aware that we have inadvertently collected personal data from a child under 16, we will take immediate steps to securely delete that data.
9. Security of Your Personal Data
We have implemented appropriate technical, organizational, and administrative security measures to protect your personal data against unauthorized access, disclosure, alteration, destruction, or loss. These measures include:
– Encryption of data in transit and at rest.
– Regular security audits and vulnerability testing of our IT systems.
– Role-based access control to personal data, limited to authorized personnel only.
– Regular data protection training for our employees and contractors.
– Business continuity and disaster recovery plans to ensure data integrity.
While we take all reasonable steps to protect your personal data, no electronic transmission or storage system is 100% secure. We cannot guarantee absolute security, and we will notify you and the relevant regulatory authorities of any personal data breach as required by applicable law, within the mandatory statutory timeframe.
10. Third-Party Links
Our website may contain links to third-party websites, including our distributors, partners, and service providers. This Privacy Policy only applies to our website. We have no control over, and are not responsible for, the privacy policies, content, or data processing practices of any third-party websites. We strongly recommend that you review the privacy policy of any third-party website you visit.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our processing activities, legal requirements, or industry best practices.
– The latest version of this policy will always be posted on this website, with the updated effective date clearly marked.
– For material changes that significantly alter how we process your personal data, we will provide prominent notice on this website prior to the change taking effect.
– Your continued use of this website after the effective date of the updated policy constitutes your acceptance of the revised terms.
12. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our processing of your personal data via this website, please contact our Data Protection team at wmj@wimach.cn