-718x655.png "nexusgepro")
1. Data Controller Information
The data controller, WIDE SAILOR LIMITED ("we"), has its registered office at 291693 OFFICE SUITE 29A 3/F., 23 WHARF STREET, LONDON, ENGLAND, UNITED KINGDOM SE8 3GG. Contact Information:
Website: nexusgepro.com
Email: [email protected]
2. Types of Personal Data Collected and Purposes
2.1 Scope of Data Collection
We collect the following personal data about you:
Basic Identity Data: Name, email address, phone number, mailing address (for order processing and delivery)
Transaction Data: Order history, payment information, invoice details (collected through third-party payment processors)
Website Usage Data: IP address, browser type, access time, page views (collected via cookies)
Customization Request Data: Dimensions, material preferences, style selection, and other special requests for custom business leather shoes
Communication Data: Inquiries, complaints, or feedback you send via email or website forms
2.2 Legal Basis for Data Processing
According to Article 6 of the GDPR, our legal bases for processing personal data include:
Performance of contractual obligations (Article 6(1)(b)): Processing your order, providing delivery services, and providing after-sales service
Obtaining your explicit consent (Article 6(1)(a)): Sending marketing information, using Cookies for website analytics
Compliance with legal obligations (Article 6(1)(c)): Keeping transaction records for tax and accounting purposes
Legitimate interests (Article 6(1)(f)): Improving the quality of our products and services and preventing fraud, provided your fundamental rights and freedoms are not overridden
3. Data storage and retention period
We retain your personal data only for the minimum period necessary to fulfill the purposes for which it was collected:
Order and transaction data: Retained for 7 days to 1 year from the date of the transaction to meet record-keeping requirements under EU VAT and commercial law.
Customer account data: Retained for as long as your account is active and for 6 months after closure to resolve potential disputes.
Marketing data: Retained for as long as you have expressly consented to receive marketing communications. If you withdraw your consent or opt-out, we will delete the relevant data within 1 month.
Website usage data: Data collected via cookies is retained for 12 months, depending on the cookie type.
Customization Request Data: For customized products, this data is retained for an additional six months after the warranty period expires (typically two years) and then anonymized.
4. Data Security Measures
We implement GDPR-compliant technical and organizational security measures to protect your personal data:
Data Transmission Encryption: All website data transmission is encrypted using SSL/TLS technology.
Access Control: Internal access to personal data is restricted to only personnel authorized to process personal data.
Regular Security Audits: Data security assessments and vulnerability detection are conducted quarterly.
Employee Training: Regular employee training on data protection and GDPR compliance is provided.
Emergency Response: A data breach emergency response process is established to ensure that relevant regulatory authorities and affected users are notified within 72 hours of a data breach.
For commercially confidential information such as custom leather shoe design drawings and material information, we implement additional physical isolation.
5. User Data Subject Rights
Under GDPR, you have the following rights, which can be exercised by emailing [email protected]:
Right to Information: Receive detailed information about how we collect and process your personal data.
Right of access: Request a copy of the personal data we hold about you.
Right to rectification: Request that we correct inaccurate or incomplete personal data.
Right to be forgotten: Request that your personal data be erased in certain circumstances (for example, when the data is no longer necessary or you withdraw your consent). If your information has been shared with a third party, we will inform them to cooperate with the erasure.
Right to restriction of processing: Request that the processing of your data be restricted if the accuracy of the data is contested or the processing is unlawful.
Right to data portability: Request that we provide your personal data in a structured, commonly used format for transmission to another controller.
Right to object: Request that we object to marketing activities or user profiling based on legitimate interests.
We will respond to your request within one month of receiving it. For complex requests, this period may be extended to two months, with prior notice. Exercising these rights is generally free of charge, but we may charge a reasonable fee for repetitive or excessive requests.
6. Cookie Policy
Our website uses cookies and similar technologies in compliance with the EU ePrivacy Directive:
Necessary cookies: These are used for basic website functionality (e.g., shopping carts) and require your explicit consent.
Analytical cookies: These are used to understand website usage (e.g., Google Analytics) and require your explicit consent.
Marketing cookies: These are used for personalized advertising and require your explicit consent.
You can manage your preferences through the cookie settings panel on the website's home page or disable cookies through your browser settings. Our Cookie Statement clearly explains:
Types of cookies used and their purposes
Information about relevant third parties (e.g., analytics providers)
Cookie storage period
How to withdraw consent
7. Data Transfer
Because our servers are located in China (a non-EU member state), your personal data may be transferred outside the EU. Such transfers will be handled in accordance with the following procedures:
Use of Standard Contractual Clauses (SCCs) approved by the European Commission, specifically those applicable to Module 2 (Controller to Processor).
The data recipient has signed an agreement containing the SCCs, ensuring a level of data protection no less stringent than that required by the GDPR.
You can request a copy of the relevant contractual clauses by contacting [email protected].
8. Sharing with Third Parties
We only share your personal data with the following third parties when necessary:
Payment processors: such as PayPal or credit card companies, only the payment information required to complete the transaction.
Logistics providers: such as DHL or UPS, only the name and address information required for delivery.
Marketing service providers: only your contact information will be shared if you have consented to receive marketing communications. Legal and Regulatory Authorities: Disclose necessary information as required by law or court order.
All third parties are required to sign a data processing agreement ensuring they implement appropriate security measures and process data only in accordance with our instructions.
9. Disclaimer and Limitation of Liability
Under the GDPR, if we breach our data protection obligations, we may be subject to a fine of up to €20 million or 4% of our global turnover in the preceding year, whichever is greater.
We are not liable for any losses arising from:
Personal data you voluntarily disclose to the public
Disclosure of data to third parties not caused by our intent or gross negligence
Any consequences arising from your failure to keep your personal information up to date
10. Updates to Terms
We may update this Privacy Policy from time to time. We will notify you of any significant changes by means of a website announcement and/or email, clearly stating the effective date in that notification. We encourage you to review this Privacy Policy regularly.
11. Complaints
If you believe that our processing of your personal data violates the GDPR, you have the right to lodge a complaint with any EU Member State data protection supervisory authority. You may also contact us directly at [email protected] to seek an amicable solution.
WIDE SAILOR LIMITED reserves the right of final interpretation of this Privacy Policy.