top of page
Logo with Glow.png

Privacy Policy

A LEGAL DISCLAIMER

Last Updated: June 6, 2025

1. Introduction

At AEAI.BEAUTY, we are committed to safeguarding your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website [website URL] or purchase our facial spa masks. We comply with the Personal Data (Privacy) Ordinance (PDPO) of Hong Kong and, where applicable, the General Data Protection Regulation (GDPR) of the European Union. By using our website or services, you agree to the practices described in this policy.
 

2. Types of Personal Data We Collect

We may collect the following types of personal data:

  • Contact Information: Name, email address, phone number, shipping and billing addresses.

  • Account Information: Username, password, and other registration details.

  • Payment Information: Credit card details or other payment method information.

  • Transaction Information: Details of purchases, including date, time, amount, and product details.

  • Technical Information: IP address, browser type, device information, and other technical data from website interactions.

  • Marketing and Communications Data: Preferences for receiving marketing and communication preferences.
     

3. How We Collect Personal Data

We collect personal data through:

  • Direct Interactions: When you create an account, place an order, subscribe to our newsletter, or contact us via forms or email.

  • Automated Technologies: Through cookies and similar technologies that track your website usage.

  • Third Parties: From service providers like payment processors or shipping companies to facilitate transactions and deliveries.
     

4. Purposes of Collection

We use your personal data for the following purposes:

  • Order Processing: To process and fulfill your orders, including payment processing and shipping.

  • Customer Service: To respond to inquiries and provide support.

  • Account Management: To manage your account and provide access to personalized features.

  • Marketing: To send promotional materials about our products, with your consent.

  • Website Improvement: To analyze usage patterns and enhance our website’s functionality.

  • Legal Compliance: To comply with legal obligations, such as tax or consumer protection laws.
     

5. Legal Basis for Processing (for EU Customers)

For customers in the European Union, we process your personal data based on the following legal grounds:

  • Consent: For specific purposes, such as direct marketing (e.g., subscribing to our newsletter).

  • Contractual Necessity: To fulfill our contractual obligations, such as processing and delivering your orders.

  • Legal Obligations: To comply with applicable laws, such as tax regulations.

  • Legitimate Interests: To improve our services, protect against fraud, and enhance user experience, provided your rights do not override these interests.
     

6. Direct Marketing

In accordance with the PDPO, we only use your personal data for direct marketing with your explicit consent. You may receive promotional communications about our facial spa masks or related services. You can opt-out at any time by clicking the unsubscribe link in our emails or contacting us at info@aeai.beauty.
 

7. Sharing of Personal Data

We may share your personal data with:

  • Service Providers: Third-party companies that assist with payment processing, order fulfillment, and IT support, bound by contractual obligations to protect your data.

  • Legal Authorities: When required by law or to protect our legal rights.

  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the new owner.

We do not sell or rent your personal data to third parties for their marketing purposes.
 

8. Data Security

We implement robust security measures to protect your personal data, including:

  • Encryption of sensitive data (e.g., payment information).

  • Secure servers and databases with restricted access.

  • Access controls and authentication procedures.

  • Regular security assessments to identify and address vulnerabilities.

While we strive to protect your data, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.
 

9. Cookies and Tracking Technologies

Our website uses cookies to enhance your browsing experience, including:

  • Strictly Necessary Cookies: Essential for website functionality, such as maintaining your shopping cart.

  • Functionality Cookies: To remember your preferences and settings.

  • Analytics Cookies: To analyze website traffic and usage patterns.

  • Targeting Cookies: To provide personalized content and advertisements.

You can manage cookie preferences through your browser settings. Disabling cookies may affect website functionality. For more information, see our [Cookie Policy]([website URL]/cookie-policy).
 

10. International Data Transfers

As an international business based in Hong Kong, your personal data may be transferred to and processed in countries outside Hong Kong, which may have different data protection standards. We ensure compliance with applicable laws for all transfers.

For EU customers, as Hong Kong does not have an EU adequacy decision, we use standard contractual clauses approved by the European Commission to safeguard your data during cross-border transfers.
 

11. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy or as required by law. For example:

  • Account information is retained while your account is active.

  • Transaction records are kept for 7 years to comply with tax and accounting regulations.

  • Marketing data is retained until you withdraw consent.

Data no longer needed is securely deleted or anonymized.
 

12. Your Rights

Under the PDPO, you have the right to:

  • Request access to your personal data.

  • Request correction of inaccurate personal data.

  • Request deletion of your personal data under certain circumstances.

For EU customers, under the GDPR, you have additional rights, including:

  • Right to Erasure: To request deletion of your data (subject to legal exceptions).

  • Right to Data Portability: To receive your data in a machine-readable format.

  • Right to Object: To object to processing based on legitimate interests or direct marketing.

  • Right to Restrict Processing: To limit how your data is processed in certain cases.

  • Right to Withdraw Consent: To withdraw consent at any time.

To exercise these rights, contact us at support@storename.com. We will respond within 30 days, subject to legal extensions.
 

13. Children's Privacy

Our website and services are not intended for individuals under 16 years of age. We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us to request deletion.
 

14. Changes to this Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. Updates will be posted on this page with a revised "Last Updated" date. We encourage you to review this policy periodically.

bottom of page