Privacy Policy

Last Updated: 2024-11-13

1. Introduction

This Privacy Policy explains how Western Bridges collects, uses, and protects your data in compliance with GDPR, PIPL, and applicable data protection laws.

2. Information We Collect

2.1 Personal Data

• Contact information (name, email, phone, address)
• Business information (company details, role)
• Communication records
• Service usage data
• Payment information

2.2 Automatically Collected Data

• Website usage data
• IP addresses
• Browser information
• Device information
• Cookies and similar technologies

3. How We Use Your Information

3.1 Primary Uses

• Service delivery
• Communication
• Account management
• Contract fulfillment
• Legal compliance

3.2 Secondary Uses

• Service improvement
• Market analysis
• Customer support
• Training and quality assurance

4. Cross-Border Data Transfers

4.1 EU-China Data Flows

• Compliance with EU-China data transfer requirements
• Implementation of Standard Contractual Clauses
• Security assessments as required by Chinese law
• Technical and organizational safeguards

4.2 Data Storage Locations

• Primary storage: EU-based servers
• Secondary processing: As required for service delivery
• Backup systems: EU-based secure facilities

5. Data Protection Measures

5.1 Technical Measures

• Encryption in transit and at rest
• Access controls and authentication
• Firewall and intrusion detection
• Regular security audits
• Backup procedures

5.2 Organizational Measures

• Staff training
• Confidentiality agreements
• Access limitation
• Security protocols
• Incident response procedures

6. Your Rights

6.1 GDPR Rights

• Access your data
• Correct inaccuracies
• Request deletion
• Data portability
• Restrict processing
• Object to processing

6.2 PIPL Rights

• Know and decide on data processing
• Restrict or refuse processing
• Access and copy personal information
• Request data transfer
• Request deletion

7. Data Retention

7.1 Retention Periods

• Active accounts: Duration of service
• Inactive accounts: 5 years
• Financial records: As required by law
• Communication records: 7 years

7.2 Data Deletion

• Secure deletion procedures
• Verification of removal
• Archive management
• Backup removal

8. Cookie Policy

8.1 Cookie Types

• Essential cookies
• Functional cookies
• Analytics cookies
• Preference cookies

8.2 Cookie Management

• Browser settings control
• Cookie preferences center
• Third-party cookie information
• Cookie lifetime details

9. Third-Party Processing

9.1 Service Providers

• Hosting providers
• Payment processors
• Analytics services
• Communication tools

9.2 Data Processing Agreements

• Standard contractual clauses
• Security requirements
• Confidentiality obligations
• Processing limitations

10. Contact Information

Western Bridges Bullerleden 9B 961 67 BODEN Sweden Email: [LEGAL-EMAIL-PENDING]

Business Hours: CET: 08:00 – 16:00 CST: 14:00 – 22:00

11. Updates to Privacy Policy

• 30-day notice for material changes
• Email notification of updates
• Continued use implies acceptance
• Previous versions available upon request