Privacy Policy

Introduction 

Ningbo FortuneSix Trading Co., Ltd. ("FortuneSix," "we," "us," or "our") is fundamentally committed to protecting the privacy and security of the personal data entrusted to us by our clients, business partners, and visitors to our website ("you"). This Privacy Policy is designed to provide a clear and transparent explanation of our data handling practices. It details what personal data we collect, the specific purposes and legal bases for which we process that data, the circumstances under which we may share it, the duration for which we retain it, and the comprehensive rights you have regarding your data under applicable laws. 

This policy has a global scope and applies to all personal data collected through our diverse business activities. This includes, but is not limited to, interactions via our website, all consulting services, sourcing and procurement operations, project management, trade fair advisory, our "ready-to-trade" training programs, and any other services we provide, ensuring a consistent standard of protection wherever you are located. 

Article 1: Data Controller 

The data controller responsible for the processing of your personal data is: 

  • Legal Entity (EN): Ningbo FortuneSix Trading Co., Ltd. 

  • Legal Entity (CN): 宁波福六贸易有限公司 

  • Unified Credit Code/Tax ID: 91330212MAEKRPP05F 

  • Registered Address (EN): Room 2906-5, No. 1107, Tiantong North Road, Zhonghe Sub-district, Yinzhou District, Ningbo City, Zhejiang Province 

  • Registered Address (CN): 浙江省宁波市鄞州区中河街道天童北路1107号2906-5室 

  • Contact Email: info@fortune-six.com 

Article 2: Personal Data We Collect 

To provide our specialized services and conduct our business operations effectively, we collect and process the following categories of personal data. We are committed to the principle of data minimization, meaning we only collect data that is necessary for the specified purposes. 

  • Identity and Contact Data: This includes your full name, email address, phone number, the name of your company, and your job title. In specific circumstances, such as arranging trade fair registrations, factory visit permits, or business-related travel, we may need to collect passport or national ID information to facilitate these arrangements on your behalf. 

  • Commercial and Project Data (Highly Sensitive): This category encompasses the core proprietary information you entrust to us. It includes detailed product briefs, technical specifications, confidential business plans, market research findings, target pricing structures, supplier and manufacturer information, OEM/ODM project details, insights into your company's operational field and customer portfolio, and other trade secrets. We recognize the extreme sensitivity of this data and are committed to protecting its confidentiality with the highest level of security and discretion. 

  • Financial Data: This includes information necessary for processing payments and fulfilling financial obligations, such as invoicing details, company bank account information, and records of payments. Please note that highly sensitive payment data, such as credit card numbers, is not stored on our systems. It is processed directly by our secure, third-party payment service providers who are compliant with global security standards. 

  • Marketing and Communications Data: This includes your explicit preferences for receiving marketing communications from us, such as newsletters or market updates. It also covers any feedback, testimonials, or survey responses you voluntarily provide, which helps us improve our services. 

  • Technical Data: When you interact with our website, we automatically collect certain technical information. This may include your Internet Protocol (IP) address, browser type and version, time zone setting, operating system, and platform. This data helps us ensure the security of our website and optimize the user experience. 

Article 3: How We Collect Your Personal Data 

We employ several methods to collect your personal data to ensure we can provide a seamless and effective service: 

  • Directly from You: The majority of the data we hold is provided directly by you. This occurs when you fill out forms on our website (such as a contact or application form), when you contact us directly via email, phone, instant messaging applications (like WhatsApp or WeChat), or other digital and physical communication channels. Data is also collected during our professional engagements, such as consulting meetings, project interviews, at trade fairs, or through ongoing business correspondence. 

  • Automatically: As you navigate our website, we may automatically collect Technical Data about your equipment, browsing actions, and patterns. This information is collected using cookies and similar tracking technologies. These tools are essential for the website's functionality and for helping us understand how visitors use our site, which allows us to improve its structure and content. For detailed information on what these technologies are and how we use them, please review our separate Cookie Policy

  • From Third Parties: In some cases, we may indirectly receive personal data about you from other sources. This can include business partners with whom we collaborate on projects, service providers who assist our operations, publicly available sources such as official company registries or professional social media profiles (e.g., LinkedIn), or through referrals from mutual contacts. We only use data from these sources when we have a legitimate reason to do so. 

Article 4: Purposes and Legal Basis for Processing 

We process your personal data for specific, explicit, and legitimate purposes and do not process it in a manner that is incompatible with those purposes. For each purpose, we ensure we have a valid legal basis under applicable data protection laws, such as the General Data Protection Regulation (GDPR). 

  1. Service Provision: To deliver the core sourcing, consulting, project management, or market research services you have contracted us for.
    Data Categories Involved: Identity, Contact, Commercial/Project, Financial
    Legal Basis for Processing: Performance of a contract. Processing is necessary to fulfill our contractual obligations to you.

  2. Client Communication and Support: To provide ongoing project updates, respond to your inquiries, schedule meetings, and manage our professional relationship.
    Data Categories Involved: Identity, Contact, Commercial/Project
    Legal Basis for Processing: Performance of a contract and legitimate interest. It is in our legitimate interest to maintain effective communication to ensure project success.

  3. Legal and Regulatory Obligations: To comply with our legal duties, such as accurate financial accounting, tax reporting, and responding to lawful requests from authorities.
    Data Categories Involved: Identity, Contact, Financial
    Legal Basis for Processing: Compliance with a legal obligation. We are required by law to process this data for these purposes.

  4. Marketing and Relationship Management: To send you relevant updates on trade fairs, market trends, our newsletters, or success stories that may be of interest.
    Data Categories Involved: Identity, Contact, Marketing
    Legal Basis for Processing: Consent or Legitimate interest. We will only send you marketing materials with your explicit consent, or where it is in our legitimate interest and does not override your rights.

  5. Security and Service Analytics: To protect the security and integrity of our website and IT systems, and to analyze service performance to make improvements.
    Data Categories Involved: Technical Data
    Legal Basis for Processing: Legitimate interest. It is in our legitimate interest to secure our digital assets and enhance our service offerings.

Article 5: Sharing Your Personal Data 

We are committed to keeping your data confidential and secure. However, in the course of our business operations, we may need to share it with carefully selected third parties. Any such sharing is done on a strict need-to-know basis and is governed by contractual safeguards. 

  • Suppliers and Business Partners: Where essential for the execution of your project, we may share relevant project data with potential suppliers, manufacturers, or local business partners in China and other various countries and regions. The purpose of this sharing is to identify the most suitable product, service, or partner for you. This is done solely based on the necessity for your project and, where applicable, with your explicit consent. 

  • Service Providers: We engage third-party service providers who act as data processors on our behalf to support our operations. This includes accounting firms, legal advisors, website hosting services, email marketing platforms, cloud storage providers (e.g., Google Drive, Notion), and project management tools. We conduct due diligence on these providers and have legally binding data processing agreements in place to ensure they protect your data to the same high standards as we do. 

  • Public and Governmental Authorities: We may be required to disclose your personal data if compelled to do so by law or in response to a valid and binding legal request from a court, law enforcement, or other government body. We will only disclose the minimum amount of data necessary to comply with such a request. 

Article 6: International Data Transfers 

As a company with global operations, our business activities may require the transfer of your personal data outside of the country where it was originally collected. Our operations, particularly international supply chain management and consulting, often involve transferring data to regions including China. Furthermore, many of our third-party cloud-based service providers are headquartered or have servers in various countries around the world. 

Such international data transfers are often necessary for the performance of our contract with you. When we transfer your data to a country that may not be deemed to have an "adequate" level of data protection by relevant authorities (like the European Commission), we take responsibility for ensuring your data remains protected. We do this by implementing appropriate legal safeguards, most commonly the Standard Contractual Clauses (SCCs), which are legally binding commitments between us and the data recipient to protect the data to a standard equivalent to that of the GDPR. 

Article 7: Data Retention 

We adhere to the principle of storage limitation by retaining your personal data only for as long as is strictly necessary to fulfill the purposes for which it was collected. The specific retention period is determined by several factors, including the nature of the data, the requirements of our business relationship with you, and our legal and regulatory obligations. For example, project data is retained for the lifecycle of the project and a reasonable period thereafter, while financial records are kept in accordance with applicable tax laws (e.g., for 7-10 years). When the retention period expires and the data is no longer needed, we will securely and permanently delete, destroy, or anonymize it. 

Article 8: Your Data Protection Rights 

As a data subject, you are afforded a number of important rights under data protection laws. We are committed to upholding these rights. They include: 

  • Right of Access: You have the right to request a copy of the personal data we hold about you and to learn how we are processing it. 

  • Right to Rectification: If you believe any personal data we hold about you is inaccurate or incomplete, you have the right to request its correction. 

  • Right to Erasure ("Right to be Forgotten"): You have the right to request the deletion of your personal data where the original reasons for its processing no longer exist, or where you have withdrawn consent. 

  • Right to Restrict Processing: You have the right to request a temporary halt to the processing of your data, for example, while the accuracy of the data is being contested. 

  • Right to Data Portability: You have the right to receive your data in a structured, commonly used, and machine-readable format and to request that we transfer it directly to another data controller, where technically feasible. 

  • Right to Object: You have the right to object to the processing of your personal data, particularly where we are relying on legitimate interest as our legal basis. 

  • Right to Withdraw Consent: Where our processing of your data is based on your explicit consent, you have the right to withdraw that consent at any time. 

To exercise any of these rights, please contact us at info@fortune-six.com. We will respond to your request in accordance with applicable data protection laws. 

Article 9: Data Security 

We take the security of your personal data very seriously. We implement and maintain a range of appropriate technical and administrative security measures designed to protect your data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures include data encryption (both at rest and in transit), strict access control policies to limit access to a need-to-know basis, secure network configurations, and regular staff training on data protection and security best practices. 

Article 10: Children's Privacy 

Our services are not designed for or directed at individuals under the age of 18, and we do not knowingly collect or solicit personal data from them. If we become aware that we have inadvertently collected personal data from a child, we will take steps to delete that information as soon as possible. If you are a parent or guardian and believe your child has provided us with personal data, please contact us. 

Article 11: Changes to This Policy 

The world of data protection is constantly evolving. We may need to update this Privacy Policy from time to time to reflect changes in our business practices or legal requirements. We will notify you of any significant or material changes by posting a prominent notice on our website or by sending you a direct notification via email. We encourage you to review this policy periodically to stay informed about how we are protecting your data. 

Article 12: Contact Us 

If you have any questions, concerns, or complaints about this Privacy Policy or how we handle your personal data, please do not hesitate to contact us at info@fortune-six.com. We are committed to working with you to resolve any issues. 

Disclaimer: This Privacy Policy is provided for general informational purposes and does not constitute legal advice. It is strongly recommended that you seek professional advice from a qualified legal counsel to ensure your company's full compliance with all applicable legal and regulatory obligations.