Privacy Policy

How we collect, use, store, and protect your information.

Last Updated: June 16, 2026

1. Introduction

Chengdu Wangwangxuwulai Technology Co., Ltd. ("Wangwangxuwulai", "we", "us", or "our") is committed to protecting the privacy of all individuals who visit our website, use our services, or interact with our organization. This Privacy Policy explains how we collect, use, disclose, store, and safeguard your personal information when you access our website at https://www.xuwulai.shop (the "Site") or engage with us for our computer systems design and related IT services.

We operate in compliance with the Personal Information Protection Law of the People's Republic of China (PIPL), the Cybersecurity Law of the People's Republic of China, the Data Security Law of the People's Republic of China, and applicable international privacy regulations including the General Data Protection Regulation (GDPR) where relevant to our users in the European Economic Area.

By using our Site or services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with any part of this policy, please discontinue use of our Site and services immediately.

2. Information We Collect

We collect information that you voluntarily provide to us, as well as information automatically collected when you use our Site. The categories of information we collect include:

2.1 Personal Information You Provide

  • Contact Information: Your full name, email address, phone number, company name, and job title when you fill out our contact form, request a consultation, or subscribe to our communications.
  • Inquiry Details: Information about your project, requirements, or questions that you share through our contact form, email correspondence, or phone calls.
  • Business Information: Company details, industry sector, and project specifications that you provide during business discussions.
  • Communication Records: Records of your communications with us, including email correspondence, call logs, and chat transcripts.

2.2 Information Collected Automatically

  • Log Data: IP address, browser type and version, operating system, device type, pages visited, time and date of access, referring URL, and other standard web server logs.
  • Cookies and Tracking Technologies: We use cookies, pixel tags, and similar technologies to enhance your browsing experience, analyze site usage, and support our marketing efforts. See Section 5 for details.
  • Usage Analytics: Aggregated data about how users interact with our Site, including page views, click patterns, and navigation paths.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Delivery: To respond to your inquiries, provide consultations, deliver our IT services, manage client relationships, and fulfill contractual obligations.
  • Communication: To send you service-related communications, respond to your questions and requests, and provide technical support.
  • Improvement: To analyze and improve our Site, services, user experience, and internal operations.
  • Marketing: With your consent where required, to send you information about our services, industry insights, events, and promotional materials that may be of interest to you. You may unsubscribe at any time.
  • Legal Compliance: To comply with applicable laws, regulations, legal processes, or governmental requests, including those under Chinese law and international data protection regulations.
  • Security: To protect the security and integrity of our Site, systems, and data, including fraud prevention and threat detection.
  • Business Operations: For internal record-keeping, billing and accounting, contract management, and other routine business operations.

4. Legal Basis for Processing (GDPR)

For individuals in the European Economic Area, we process your personal data based on the following legal grounds:

  • Consent: Where you have given clear consent for us to process your personal data for a specific purpose (e.g., marketing communications).
  • Contractual Necessity: Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
  • Legitimate Interests: Where processing is necessary for our legitimate interests or those of a third party, provided your fundamental rights and interests do not override those interests. Our legitimate interests include improving our services, maintaining the security of our systems, and conducting business operations.
  • Legal Obligation: Where processing is necessary to comply with a legal obligation to which we are subject.

5. Cookies and Tracking Technologies

Our Site uses cookies and similar tracking technologies to enhance functionality, analyze traffic, and personalize your experience. Cookies are small text files stored on your device by your web browser.

Types of Cookies We Use

  • Essential Cookies: Necessary for the basic functioning of our Site, such as session management and security. These cannot be disabled.
  • Analytics Cookies: Help us understand how visitors interact with our Site by collecting anonymized usage data. We use these to improve our content and user experience.
  • Functional Cookies: Remember your preferences and language selections to provide a personalized experience.
  • Marketing Cookies: Used to deliver relevant advertisements and measure the effectiveness of our marketing campaigns. These are only deployed with your consent.

You can control cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of our Site. For more information about how to manage cookies, visit your browser's help documentation.

6. Data Sharing and Disclosure

We respect your privacy and do not sell your personal information to third parties. We may share your data only in the following circumstances:

  • Service Providers: With trusted third-party service providers who assist us in operating our business, such as cloud hosting providers (e.g., Alibaba Cloud), email service providers, analytics platforms, and payment processors. These providers are contractually bound to protect your data and use it only for the purposes we specify.
  • Professional Advisors: With legal counsel, accountants, and other professional advisors where necessary for business operations or legal compliance.
  • Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership.
  • Legal Requirements: When required by law, court order, or governmental regulation, including compliance with Chinese regulatory authorities under the Cybersecurity Law, PIPL, or other applicable statutes.
  • Protection of Rights: To protect our rights, property, or safety, or the rights, property, or safety of our clients, employees, or others, as permitted or required by law.

7. International Data Transfers

As a company headquartered in Chengdu, Sichuan, China, your personal data may be processed in China and in other jurisdictions where our service providers operate. When we transfer data across borders, we ensure appropriate safeguards are in place in accordance with applicable laws.

For data transfers from the European Economic Area to China or other countries, we rely on Standard Contractual Clauses (SCCs) adopted by the European Commission, or other lawful transfer mechanisms as permitted under the GDPR. For transfers under Chinese law, we comply with the security assessment and other requirements set forth in the PIPL and related regulations.

If you have questions about the specific safeguards applied to your data during international transfer, please contact us using the details in Section 15.

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law. Our retention periods are determined based on the following criteria:

  • The duration of our business relationship with you or your organization
  • Legal and regulatory requirements for record-keeping (e.g., tax, accounting, and compliance obligations)
  • The nature of the data and whether it must be retained to protect our legal interests
  • Whether the data is needed for ongoing service delivery or support

When data is no longer required, we will securely delete or anonymize it. In some cases, we may retain anonymized or aggregated data indefinitely for analytical purposes.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, destruction, or accidental loss. Our security measures include:

  • Encryption of data in transit using TLS/SSL protocols
  • Encryption of sensitive data at rest
  • Access controls and authentication mechanisms for our systems
  • Regular security audits, vulnerability assessments, and penetration testing
  • Employee training on data protection and privacy best practices
  • Strict need-to-know access policies for all personal data
  • Incident response and breach notification procedures

While we strive to protect your data, no method of transmission or storage is 100% secure. We encourage you to take appropriate measures to protect your own information as well.

10. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

Under PIPL (China)

  • Right to Know: The right to be informed about how your personal information is processed.
  • Right to Access: The right to access your personal information held by us.
  • Right to Correct: The right to request correction of inaccurate or incomplete personal information.
  • Right to Delete: The right to request deletion of your personal information under certain circumstances.
  • Right to Withdraw Consent: The right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
  • Right to Portability: The right to receive your personal information in a commonly used, machine-readable format.
  • Right to Restrict or Object: The right to restrict processing or object to certain processing activities.

Under GDPR (EEA)

  • Right to access, rectification, erasure ("right to be forgotten")
  • Right to restrict processing and to data portability
  • Right to object to processing, including automated decision-making and profiling
  • Right to withdraw consent at any time
  • Right to lodge a complaint with a supervisory authority

To exercise any of these rights, please contact us using the details in Section 15. We will respond to your request within the timeframes required by applicable law (usually 30 days). We may request additional information to verify your identity before processing your request.

11. Children's Privacy

Our Site and services are not directed to individuals under the age of 18 (or the age of majority in their jurisdiction). We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal data without verifiable parental consent, we will take steps to delete that information promptly. If you believe a child has provided us with personal data, please contact us immediately.

12. Third-Party Links

Our Site may contain links to third-party websites, plugins, or services that are not owned or controlled by us. This includes links to external resources, partner sites, or social media platforms. We are not responsible for the privacy practices or content of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. When we make material changes, we will update the "Last Updated" date at the top of this policy and may provide additional notice through our Site or by email. We encourage you to review this policy periodically to stay informed about how we are protecting your information.

14. Governing Law

This Privacy Policy shall be governed by and construed in accordance with the laws of the People's Republic of China. Any disputes arising under or in connection with this policy shall be subject to the jurisdiction of the courts of Jinjiang District, Chengdu, Sichuan Province, China.

15. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us through any of the following channels:

  • Email: support@xuwulai.shop
  • Phone: +86 132-0094-6733
  • Mail:
    Chengdu Wangwangxuwulai Technology Co., Ltd.
    Attn: Data Protection Officer
    No. 30 Jinyi Road, Jinjiang District
    Chengdu, Sichuan 610000
    China

We will acknowledge receipt of your privacy-related inquiry within 5 business days and aim to fully address your concern within 30 days. If you are in the EEA, you also have the right to lodge a complaint with your local data protection supervisory authority.