XIAGUSHOP

私隱政策

XIAGUSHOP 隱私政策(CN)

版本:V2025-08-29(UTC)
生效日期:以平台頁面公示為准

本隱私政策适用於你使用 codex.xiagu.shop 及其子頁面、購物等级服務與数字商品(統称“平台”)時的数據处理活動。除非另有說明,本政策中“我們/平台”指 XIAGUSHOP

(為便於阅读,中文條款采用中文大写序號+阿拉伯数字编排;英文版见文末。)

一、适用范围與角色

  1. 本政策說明我們作為个人信息控制者如何收集、使用、共享和保護你的个人信息。
  2. 平台涉及的主要功能包括:賬戶注冊與认证、KYC 信息提交、購物等级購買與交付、站内錢包餘額與交易、订單與發票、同意留痕、合规记錄。
  3. 若你通過第三方支付或登錄服務(例如支付通道、邮箱服務商),你的信息亦受其各自政策约束。

二、我們收集的个人信息

  1. 賬戶信息:用戶名、邮箱、手机號码、姓與名、生日、国家/地区、显示名称/昵称头像(如你自行上传)
  2. KYC 信息:证件类型與號码、以及你在注冊/认证流程中主動提交的其他资料。我們不在线下核验,但会按法律義務保存提交记錄。
  3. 订單與購物等级信息:订單號、購買的購物等级與時长、價格、發票资料、合规记錄。
  4. 站内錢包:餘額、充值/扣款金額、交易時間、交易备注與對賬流水。
  5. 设备與日志:IP 地址、设备與浏览器信息(UA)、操作時間戳、頁面與按钮點击、同意开始與结束時間等留痕。
  6. 沟通與客服:你與我們聯繫時提供的内容、申诉材料與处理结果。

三、使用目的與法律依據

  1. 提供與维護服務:创建賬戶、完成 KYC、处理订單與交付数字商品、计算與展示錢包餘額與交易记錄。
  2. 安全與合规:防止欺诈與滥用、留存合规日志、履行税務與賬務留存義務、回應监管與执法請求。
  3. 客戶支持:处理諮詢、投诉、纠纷(在适用法律與業務范围内)。
  4. 改進体验:基於汇总與去标识数據進行統计與功能優化,不用於识别單个自然人。
  5. 法律依據(依辖区而定):履行合同、履行法定義務、合法利益、你已明确同意。

四、Cookies 與本地存储

  1. 平台使用必要类 Cookie(会话、登錄、購物車、錢包结算、同意偏好)以保证功能可用。
  2. 我們目前不進行基於第三方广告追踪的定向营销。若將来变更,將於頁面显著位置告知并征求同意。

五、共享與委托处理

  1. 处理者/服務商(仅為實现功能):主机與 CDN、邮件與短信服務商、支付通道與對賬服務、反滥用安全服務、統计與日志服務、开票與会计服務。
  2. 法律與合规:依法向有權机關提供必要信息,或為维護我們的合法權益在合理范围内披露。
  3. 我們不出售你的个人信息。

六、国际传输

  1. 你的信息可能在马来西亚或其他国家/地区被存储或处理。
  2. 如你位於欧盟、英国或其他国家/地区,你的个人信息可能会被转移至我們运营的国家;在進行这些转移時,我們会采取适当的措施以确保你的信息得到保護。
  3. 针對跨境传输(例如从欧盟/英国转移至其他地区),我們將采用**标准合同條款(SCCs)**或法律允许的其他保障机制。

七、保留期限

  1. 賬戶、订單、購物等级以及站内錢包及其對賬资料:在提供服務所必需的最短期間内保存,最长不超過 90 天;如法律、税務或监管另有更长保存要求的,依相關规定执行。
  2. 安全事件與同意留痕日志:為安全审计、合规证明與纠纷处理之目的,最长不超過 90 天;如法律另有要求的,从其规定。
  3. 到期後,我們將删除或在法律允许且為正当目的所必需的情况下以去标识化方式保留。

八、安全

  1. 采取合理且與风险相适配的安全措施,包括 HTTPS 传输、访问控制、角色權限、最小化授權、日志监控與备份。
  2. 互聯网并非绝對安全环境,我們无法保证信息在任何情况下 100% 安全,但將尽力降低风险并在發生嚴重事件時依法通知。

九、你的權利與請求渠道

  1. 你可以按照适用法律行使與个人信息相關的權利(例如访问、更正、删除等)。
  2. 你可通過賬戶设置聯繫我們提出請求;為保護安全,我們可能要求验证身份,并在法律允许的時限内处理。
  3. 你可申請導出與賬戶相關的對賬资料(如錢包、订單與同意日志等);我們將在法律允许且技术可行的范围内提供。

十、未成年人

  1. 我們的服務面向具有完全民事行為能力的自然人。
  2. 若你未達所在辖区的法定成年人年龄,應在监護人同意與指導下使用,并由监護人代表行使相關權利。

十一、政策更新

  1. 当功能或法律發生变化時,我們会更新本政策,并在頁面显著位置提示。
  2. 重大变更將征求你的再次同意(如法律要求)。

十二、聯繫我們

  1. 聯繫人:xiagushop@gmail.com
  2. 為加速处理,請在邮件主题注明“隱私請求”,并說明你的賬戶邮箱與請求类型。

十三、公开展示與匿名

  1. 為實现賬戶标识、購物等级服務與创作者/艺术家頁面等功能,平台在站内進行必要的公开展示時,將以匿名/化名(显示名称/昵称)為主;如你上传头像,则可能一并展示。上述处理基於合同履行平台的正当利益(例如防冒名、交易识别、權属标记與頁面可用性)。
  2. 你可在賬戶设置中修改显示名称/昵称與头像;平台不主動公开你的证件號、生日、聯繫方式、站内餘額、交易明细等非公开信息。
  3. 頁面上的提示语**“根據隱私政策匿名”**仅用於說明该展示遵循本隱私政策中的匿名/化名规则,并非單独授權或同意机制

XIAGUSHOP Privacy Policy (EN)

Version: V2025-08-29 (UTC)
Effective date: as publicly posted on the Site

This Policy explains how XIAGUSHOP collects, uses, shares, and protects personal data when you use codex.xiagu.shop, its sub-pages, shopping level services, and digital goods (collectively, the “Platform”). Unless otherwise stated, “we/us/Platform” refers to XIAGUSHOP.

1. Scope & Roles

  1. This Policy describes how we, acting as a data controller, collect, use, share, and protect your personal data.
  2. Main features covered include: account registration and verification, KYC submission, shopping level purchase and delivery, on-site wallet balance and transactions, orders and invoices, consent records, and compliance records.
  3. If you use third-party payment or sign-in services (e.g., payment gateways, email providers), your data there is also governed by those providers’ policies.

2. Data We Collect

  1. Account data: username, email, phone number, given/family name, date of birth, country/region, display name/nickname, and avatar (if you upload one).
  2. KYC data: ID type/number and other materials you voluntarily submit during onboarding. We do not conduct offline verification but keep submission records as required by law.
  3. Orders & shopping levels: order ID, plan level and duration, price, invoice details, and compliance records.
  4. On-site wallet: balance, credit/debit amounts, timestamps, notes, and reconciliation records.
  5. Device & event records: IP address, device/browser (UA), timestamps, page/button interactions, and consent start/end timestamps.
  6. Support: the content of your enquiries, supporting materials you provide, and our handling outcomes.

3. Purposes & Legal Bases

  1. Provide & maintain services: create accounts, complete KYC, process orders and deliver digital goods, calculate and display wallet balances and transactions.
  2. Security & compliance: prevent fraud/abuse, keep compliance evidence, meet tax and accounting retention duties, and respond to regulatory/law-enforcement requests.
  3. Customer support: handle enquiries, complaints, and disputes (within applicable laws and business scope).
  4. Improve services: perform statistics and product improvement using aggregated/de-identified data; not used to identify individuals.
  5. Legal bases (depending on jurisdiction): performance of contract, legal obligations, legitimate interests, and—where required—consent.

4. Cookies & Local Storage

  1. We use necessary cookies (session, login, cart/checkout, wallet settlement, consent preferences) to keep the Platform functional.
  2. We do not currently conduct third-party ad tracking for targeted advertising. If this changes, we will provide prominent notice and request consent where required.

5. Sharing & Processors

  1. Processors/service providers (solely to provide functions): hosting/CDN, email/SMS, payment and reconciliation, security/anti-abuse, analytics/logging, invoicing/accounting.
  2. Legal and compliance: we may disclose data when required by law or to protect our rights in a reasonable and proportionate manner.
  3. We do not sell your personal data.

6. International Transfers

  1. Your data may be stored or processed in Malaysia or other countries/regions.
  2. If you are located in the EU, UK, or other jurisdictions, your personal data may be transferred to countries where we operate. We take appropriate measures to ensure your information is protected during such transfers.
  3. For EU/UK transfers, we rely on Standard Contractual Clauses (SCCs) or other lawful safeguards.

7. Retention

  1. Accounts, orders, shopping levels, and on-site-wallet records (including reconciliation): retained for the minimum period necessary to provide the services and no longer than 90 days, unless a longer period is required by tax, accounting, or other laws.
  2. Security and consent records (evidence): kept for audit, compliance, and dispute handling for no longer than 90 days, unless a longer period is legally required.
  3. Upon expiry, we delete the data or retain de-identified records where permitted by law and necessary for legitimate purposes.

8. Security

  1. We implement reasonable safeguards proportionate to risk, including HTTPS in transit, access controls, role permissions, least-privilege principles, logging/monitoring, and backups.
  2. The internet is not absolutely secure; while we cannot guarantee 100% security in all circumstances, we work to reduce risks and will notify as required by law in the event of a serious incident.

9. Your Rights & Requests

  1. Subject to applicable laws, you may request access, correction, deletion, and other rights available in your jurisdiction.
  2. You can submit requests via account settings or Contact Us. For security, we may need to verify your identity and will process the request within legally permitted time limits.
  3. You may request exports related to your account (e.g., wallet, order, and consent records); we will provide them where legally permitted and technically feasible.

10. Children

  1. Our services are intended for individuals with full legal capacity.
  2. If you are below the age of majority in your jurisdiction, you should use the services under guardian consent and guidance; guardians may exercise the relevant rights on your behalf.

11. Changes

  1. We will update this Policy when functions or laws change and will provide prominent notice on the Site.
  2. Where required by law, material changes will be presented for renewed consent.

12. Contact Us

  1. Contact: xiagushop@gmail.com
  2. To expedite handling, include “Privacy Request” in the subject and provide your account email and request type.

13. Public Display & Anonymity {#public-display-anonymous}

The on-page notice “According to the Privacy Policy: Anonymous” only indicates that the display follows the anonymity/pseudonymity rules in this Policy; it is not a separate authorization or consent mechanism.

To enable account identification, shopping level services, and creator/artist pages, the Platform may conduct necessary public display primarily using anonymous/pseudonymous identifiers (display name/nickname); if you upload an avatar, it may be shown as well. The above processing is based on contract performance and our legitimate interests (e.g., anti-impersonation, transaction identification, attribution marks, and page usability).

You may modify your display name/nickname and avatar in Account Settings. We do not proactively disclose your ID numbers, date of birth, contact details, on-site wallet balance, or transaction details.

Type to search

Shopping cart

0
image/svg+xml

No products in the cart.

Continue Shopping