Menu
Your Cart

Privacy Policy

Privacy Policy

Effective Date: January 12, 2026

HOVE TRADING CO., LTD (hereinafter referred to as "we"), as a UK-registered company, is committed to protecting the privacy and security of the personal data of all EU and UK users (hereinafter referred to as "you") who visit our official website (hovecommerce.com), purchase our stationery products, or enjoy our services. This policy is formulated in accordance with the General Data Protection Regulation (GDPR), the UK Data Protection Act 2018, and relevant EU and UK data protection laws and regulations. It aims to clarify the methods, purposes, and scope of our collection, processing, storage, and transfer of your personal data, and to inform you of your data subject rights and how to exercise them.

I. Scope of Application

This Privacy Policy applies to all personal data collection and processing activities we conduct in the course of providing stationery product sales, after-sales support, and other services to users within the EU and the UK, regardless of how you interact with us through our official website, email, offline communication, or other channels.

II. Data Controller Information

  • Data Controller: HOVE TRADING CO., LTD (UK registered company)
  • Customer Service Email: care@hovecommerce.com
  • Regulatory Contact: If you have any questions, complaints, or needs regarding the processing of your personal data, please contact us via the above email address first. If you are not satisfied with our processing results, you have the right to file a complaint with the UK Information Commissioner's Office (ICO) or the relevant EU member state's data protection regulator. Where applicable, we have appointed a Data Protection Officer (DPO), who can also be contacted via the above email address.

III. Types of Personal Data We Collect and How They Are Collected

To achieve our business objectives, we collect only the minimum amount of personal data necessary to achieve those objectives (data minimization principle), specifically including:

  1. Identifiable Information: Such as your name, email address, and phone number. Collection methods include actively filling in this information when registering an account on the website, submitting it when placing an order, and providing it when contacting customer service via email.
  2. Order and Transaction Data: Such as order number, information on purchased stationery products, payment amount, and payment method. This type of data is automatically generated and submitted by you during the transaction process.
  3. Delivery Data: Such as your delivery address (including country, city, street, and postal code), recipient's name, and contact information. This data is used to complete the delivery service for stationery products and is provided by you when placing your order.
  4. Website Usage Data: Such as your IP address, browser type, access time, and product pages viewed on our website. This type of data is automatically recorded by the website server or collected through technologies such as cookies (see the "Use of Cookies" section of this policy for details).
  5. Data Related to Special Groups: If you are a child under the age of 13 (the legal age of consent for child data processing in the UK) or a minor under other age standards stipulated by EU member states, your parent or legal guardian must provide proof of consent and relevant necessary information when using our services or purchasing products. We will not proactively collect additional personal data from children, and the processing of such data will follow specific security measures.

IV. Purpose and Legal Basis of Personal Data Processing

Our processing of your personal data is based on the legal basis stipulated in the GDPR and the UK Data Protection Act 2018. The specific purposes and corresponding legal basis are as follows:

  1. Fulfilling Contractual Obligations: To complete the stationery product purchase and sale contract between you and us, including processing orders, arranging delivery, and providing after-sales support. Legal Basis: Fulfillment of contract (GDPR Article 6(1)(b); UK Data Protection Act 2018 Article 8).
  2. Providing Customer Service: To respond to your inquiries, resolve problems you encounter during the purchase or use of products, and push order status updates to you. Legal Basis: Fulfillment of contract and legitimate interests (ensuring service quality) (GDPR Article 6(1)(b, f); UK Data Protection Act 2018 Articles 8 and 10).
  3. Marketing: With your explicit consent, to push information about our new products, promotions, and other stationery-related marketing content to you. Legal Basis: Your consent (Article 6, paragraph 1(a) of the GDPR; Article 7 of the UK Data Protection Act 2018). You may withdraw this consent at any time.
  4. Website Operation and Optimization: Analyzing website usage data to optimize website functionality and user experience, and ensuring the secure and stable operation of the website. Legal Basis: Legitimate interests (improving service quality and ensuring operational security) (Article 6, paragraph 1(f) of the GDPR; Article 10 of the UK Data Protection Act 2018).
  5. Compliance with Legal Obligations: To comply with relevant EU and member state laws and regulations, as well as relevant UK domestic laws, such as maintaining transaction records and cooperating with regulatory investigations. Legal Basis: Compliance with legal obligations (Article 6, paragraph 1(c) of the GDPR; Article 9 of the UK Data Protection Act 2018).
  6. Processing of Children's Data: The legal basis for processing the personal data of child users is the explicit consent of their parents or legal guardians (Article 8 of the GDPR; Article 11 of the UK Data Protection Act 2018). We will take reasonable measures to verify the authenticity of the consent.

V. Rights of the Data Subject

In accordance with the GDPR and the UK Data Protection Act 2018, you, as a data subject, have the following rights, and we will provide necessary assistance in exercising these rights:

  1. Right to Know: You have the right to know whether we are processing your personal data, the purpose of processing, the type of data, and the recipients of the data.
  2. Right to Access: You have the right to request a copy of your personal data.
  3. Right to Correction: If your personal data is inaccurate or incomplete, you have the right to request that we correct or supplement it.
  4. Right to Erasure (Right to Be Forgotten): In specific circumstances (such as when the data is no longer necessary for the processing purpose, you withdraw your consent, or our processing violates laws and regulations), you have the right to request that we erase your personal data. Especially for children's data, if valid parental consent was not obtained at the time, the child or an adult has the right to request the erasure of the relevant data.
  5. Right to Restrict Processing: In specific circumstances (such as when you object to the accuracy of the data, or when the processing is illegal), you have the right to request that we restrict the processing of your personal data.
  6. Right of Data Portability: You have the right to request that we provide you with your personal data in a structured, commonly used, and machine-readable format, and the right to transfer such data to other data controllers.
  7. Right of Objection: If we process your personal data based on legitimate interests, you have the right to object at any time, and we will cease such processing unless we can demonstrate a compelling legitimate reason prior to your interests or necessary to fulfill legal obligations.
  8. Right to Withdraw Consent: If you have provided us with personal data based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the legality of data processing conducted based on consent prior to the withdrawal.

If you wish to exercise any of the above rights, please submit a written request to us via our customer service email address care@hovecommerce.com, providing the necessary identity verification information for our verification. We will respond within one month of receiving your request; in complex cases, this may be extended to three months, with the reasons for the extension communicated to you in writing.

VI. Storage Period for Personal Data

We will only store your personal data for the period necessary to achieve the processing purposes described in this policy. After the storage period expires, your personal data will be securely deleted or anonymized, unless EU and Member State laws and regulations, or UK domestic laws require an extension. Specific storage periods are as follows:

  1. Order and transaction data, delivery data: Retained for 5 years from the date of transaction completion to meet contract performance and legal compliance requirements.
  2. Identification data, consultation and communication data: Retained during the duration of your business relationship with us and for 3 years after termination to ensure after-sales support and dispute resolution needs.
  3. Website usage data: Retained for 1 year from the date of collection, and will be deleted or anonymized after website optimization.
  4. Marketing-related data: Retained for the marketing period you agreed to. If you withdraw your consent or explicitly refuse to receive marketing information, the relevant data will be deleted immediately.
  5. Child-related data: Retained for the validity period of the consent obtained or for 2 years after the termination of service. After the expiration of this period, it will be deleted immediately, unless otherwise stipulated by law.

VII. Personal Data Security Measures

We highly value personal data security and have implemented technical and organizational security measures that comply with GDPR and the UK Data Protection Act 2018 to prevent unauthorized access, use, disclosure, modification, damage, or loss of your personal data. These measures include:

  1. Technical Measures: Employing encryption technologies (such as SSL/TLS encryption) during data transmission, implementing strict access control for stored data, regularly updating system security patches, and deploying security protection equipment such as firewalls and intrusion detection systems.
  2. Organizational Measures: Clearly defining the responsibilities and authority of data processing personnel, providing employees with regular data protection training (including GDPR and relevant UK data protection regulations), and establishing comprehensive data security management systems and data breach emergency response plans.
  3. Breach Notification: In the event of a personal data breach, we will report it to the UK Information Commissioner's Office (ICO) and the relevant EU data protection regulatory authorities (if applicable) within 72 hours of becoming aware of the breach. If the breach may pose a high risk to your rights and freedoms, we will notify you without delay through your pre-registered contact information, informing you of the details of the breach and the remedial measures we have taken.

VIII. Transfer of Personal Data

  1. Transfer to Third Parties: We may transfer your personal data to third parties that provide services to us (such as logistics providers, payment institutions, IT service providers, etc.) to achieve the processing purposes described in this policy. We will only cooperate with third parties that comply with GDPR and UK data protection requirements, and will clarify the obligations and responsibilities of third parties through data processing agreements (DPAs), requiring them to take sufficient security measures to ensure that your personal data is effectively protected.
  2. Cross-border Transfer: As we are a UK company, your personal data may be transferred to the UK (countries outside the EU Economic Area). We will ensure that such cross-border transfers comply with GDPR regulations. Specific safeguards include: relying on the European Commission's assessment of the UK's data adequacy (if applicable), or adopting appropriate safeguards recognized by the EU, such as Standard Contractual Clauses (SCCs), and maintaining relevant transfer records. If the data needs to be further transferred to other countries or regions outside the UK and the EU, we will take equally stringent safeguards.

IX. Use of Cookies

Our official website may use cookies and similar tracking technologies to identify your browser, record your website usage preferences, and optimize your website experience. Cookies are divided into necessary cookies and non-necessary cookies:

  1. Necessary Cookies: Cookies essential for ensuring the operation of basic website functions (such as order submission and account login) and can be used without your consent.
  2. Non-necessary Cookies: Cookies used for analyzing website traffic and personalized recommendations, which we will use after obtaining your explicit consent.

You can refuse the use of non-necessary cookies by adjusting your browser settings, but this may affect the normal use of some website functions. You can visit our website's cookie settings page at any time to modify your consent preferences.

X. Policy Updates and Notifications

We may revise this Privacy Policy in accordance with updates to EU data protection laws and regulations, the UK Data Protection Act 2018, or business adjustments. The revised Privacy Policy will be published prominently on our official website (hovecommerce.com) and will indicate the update date. If the revisions have a significant impact on your rights, we will notify you at least 7 business days in advance via your registered email address or other reasonable means.

This policy is effective from the date of publication.

Release Date: January 12, 2026