Official Website

ggtytrade.com

Data Inquiry Email

user@ggtytrade.com

1. Scope of Application: This policy applies to all personal data we collect and process in the process of providing bag and luggage products sales, after-sales service, and other related services to users within the EU. This policy applies to you as long as you are a resident of the EU, regardless of how you interact with us—through our official website, offline cooperation channels, email communication, or any other means.

2. Data Controller: GLOBAL GATEWAY TRADE LTD, as the data controller, is responsible for determining the purpose and method of processing personal data and bears responsibility for the compliance of data processing activities.

We strictly adhere to the principle of "data minimization," collecting only the personal data necessary to achieve specific legitimate purposes:

• Core Identity and Contact Data: Name, email address, phone number, shipping address, etc. Purpose: complete order placement, payment confirmation, logistics follow-up, respond to inquiries.
• Transaction and Payment Related Data: Order number, product model/quantity, payment amount/method, etc. Purpose: complete transaction settlement, generate vouchers, process refunds/returns.
• Device and Usage Data: IP address, browser type/version, access time, page browsing history, etc. Purpose: optimize website experience, troubleshoot malfunctions, prevent security risks.
• Sensitive Personal Data: In principle, we do not collect sensitive personal data such as race or health status.

• Necessary to fulfilling our contractual obligations to you (core legal basis)
• Based on your explicit consent (e.g., marketing information, sensitive data processing)
• To comply with legal responsibilities (e.g., tax declaration, auditing)
• To protect the significant legitimate rights and interests of the data subject or others

• Right of Access: Request a copy of your personal data
• Right of Correction: Correct inaccurate/incomplete data
• Right of Erasure (Right to Be Forgotten): Request deletion of your data under certain circumstances
• Right to Restrict Processing: Request restriction of data processing
• Right of Data Portability: Request data in machine-readable format
• Right to Object: Object to marketing/automated decision-making processing
• Right to Withdraw Consent: Withdraw consent at any time

Exercising Rights: Submit a written request via user@ggtytrade.com. We will respond within the GDPR-stipulated period (generally ≤ 1 month).

V. Data Storage and Protection: We store data for the shortest necessary period and employ GDPR-compliant security measures (encrypted transmission/storage, access control, security audits).

VI. Cross-border Data Transfer: All cross-border transfers comply with GDPR requirements (adequacy certification, standard contractual clauses, encryption).

VII. Third-Party Data Processors: We entrust trusted third parties (logistics/payment/IT providers) with strict contractual obligations to comply with GDPR.

VIII. Data Breach Notification: We notify regulators within 72 hours and affected users if there is a serious risk to rights.

IX. Policy Updates: Revised policies are posted on ggtytrade.com; core changes will be notified via email.

X. Dispute Resolution: Negotiate via email first; file complaints with EU data protection authorities if needed.