DINGDINGKING.COM (DDK) INTERNATIONAL CONSUMER PRIVACY POLICY
Effective Date: June 24, 2026 | Document Reference: DDK-PRP-2026-V3
1. Revisionary Statement and Jurisdictional Compliance
- 1.1. Commitment to Data Sovereignty: Ding DingKing (“Company,” “we,” “us”) recognizes that data security is a foundational requirement for high-end consumer brands. This Privacy Policy outlines our strict protocols for the acquisition, cryptographic protection, internal storage, operational processing, and lawful disclosure of personal identity data collected from international consumers.
- 1.2. Multi-Jurisdictional Compliance Baseline: Our global processing framework is structured to meet or exceed the rigorous standards set by cross-border data protection legislation governing our primary production hubs and target consumption markets. This includes, but is not limited to:
- The Personal Data Protection Act 2010 (PDPA) – Malaysia;
- The Personal Data (Privacy) Ordinance (PDPO) (Cap. 486) – Hong Kong;
- Relevant ASEAN Cross-Border Data Privacy Frameworks and APEC Cross-Border Privacy Rules (CBPR).
2. Exhaustive Specification of Data Accumulation
DDK restricts data collection strictly to information required to execute secure e-commerce transactions, fulfill cold-chain logistics, and manage relationship communications. We capture:
- 2.1. Explicit Identity and Communication Credentials: Full legal name of the ordering individual or corporate procurement officer, delivery coordinates, accurate residential or corporate billing coordinates, mobile numbers, and electronic mail credentials.
- 2.2. Transactional Metadata and Payment Identifiers: Transaction timelines, retail SKU items purchased, gross value metrics, and encrypted tokenized transaction records provided by PCI-DSS compliant third-party payment gateways. (DDK never saves raw debit/credit card CVV strings).
- 2.3. Automated Telemetry Records: Device connection IP addresses, web localization parameters, hardware browser version strings, and session historical paths extracted via integrated cookie files.
3. Legal Principles for Data Utilization and Processing
DDK deploys your private data records strictly under verifiable legal processing foundations, processing information to support:
- 3.1. Contractual Realization and Operational Logistics: Validating payment authenticity, executing order acceptance thresholds, coordinating international air-cargo transport channels, and transmitting automated shipping alerts to your contact points.
- 3.2. Institutional Marketing Communication: Delivering tailored brand alerts, agricultural harvest forecasts, and holiday corporate gifting opportunities exclusively where explicit consent has been logged via our preference controls.
4. Cryptographic Data Safeguarding and Retention Lifecycles
- 4.1. Security Infrastructures: Personal data items are instantly encrypted using industry-leading Secure Socket Layer (SSL) and Advanced Encryption Standard (AES-256) network architectures during data transit and storage phases inside our operational servers.
- 4.2. Retention Limitation: DDK retains personal database logs strictly for the chronological period required to achieve the initial logistics fulfillment objective, manage customer service workflows, or maintain statutory commercial auditing compliance under Malaysian tax rules. Discarded records undergo permanent cryptographic wiping.
5. Lawful Infrastructure Restrictions with Third-Party Partners
- 5.1. No Selling of Consumer Profiles: DDK does not sell, rent, trade, or lease customer data profiles to third-party data brokers or speculative advertising agencies.
- 5.2. Authorized Supply Chain Sharing: Personal records are shared exclusively with verified service entities within our integrated vertical fulfillment network, restricted to:
- International Cold-Chain Logistics Operators: Air freight agents and local temperature-controlled courier networks who require delivery addresses and telephone contact points to coordinate physical product handovers;
- Verified Customs Brokerage Entities: Authorized customs clearers operating in China and Hong Kong to process mandatory agricultural import filings, where DDK settles all duties;
- Certified Financial Gateways: PCI-compliant transaction engines processing credit card settlements.
6. Exercise of Consumer Data Rights
- 6.1. Individual Data Sovereignty Rights: Subject to regional statutory boundaries, consumers hold the right to access their personal records, request corrections of inaccurate data, restrict processing types, or completely withdraw consent for relationship marketing.
- 6.2. Logging a Privacy Request: To execute any data protection rights, individuals may submit a formal request to our designated Data Protection Officer via email at privacy@dingdingking.com. DDK will verify the applicant’s identity prior to modifying or deleting records.
DINGDINGKING.COM (DDK) 国际消费者隐私政策
生效日期:2026年6月24日 | 文件编号:DDK-PRP-2026-V3
1. 修订声明与司法管辖权合规
- 1.1. 对数据主权的承诺:Ding DingKing(简称”公司”、”我们”、”本公司”)体认到,数据安全是高端消费品牌的基本要求。本隐私政策概述了我们对从国际消费者处收集的个人身份数据进行获取、加密保护、内部存储、操作处理以及合法披露的严格协议。
- 1.2. 多司法管辖区合规基准:我们的全球处理框架结构旨在达到或超过管辖我们主要生产中心和目标消费市场的跨境数据保护立法所设定的严格标准。这包括但不限于:
- 《2010年个人数据保护法》(PDPA)- 马来西亚;
- 《个人资料(私隐)条例》(PDPO)(第486章)- 香港特别行政区;
- 相关的东盟跨境数据隐私框架和亚太经合组织(APEC)跨境隐私规则(CBPR)。
2. 数据累积的详尽说明
DDK 将数据收集严格限制在执行安全电子商务交易、履行冷链物流和管理客户关系沟通所需的信息。我们获取:
- 2.1. 明确的身份和通讯凭证:订购个人或企业采购主管的完整法定姓名、交付坐标、准确的住宅或公司账单坐标、手机号码和电子邮箱凭证。
- 2.2. 交易元数据和支付标识符:交易时间线、购买的零售 SKU 商品、总价值指标,以及由符合 PCI-DSS 标准的第三方支付网关提供的加密标记化交易记录。(DDK 绝不保存原始借记卡/信用卡的 CVV 字符串)。
- 2.3. 自动遥测记录:设备连接 IP 地址、网络本地化参数、硬件浏览器版本字符串,以及通过整合的 cookie 文件提取的会话历史路径。
3. 数据使用与处理的法律原则
DDK 严格在可验证的法律处理基础上部署您的私有数据记录,处理信息以支持:
- 3.1. 合同兑现与运营物流:验证支付真实性、执行订单接受门槛、协调国际航空货物运输渠道,以及向您的联络点发送自动化出货警报。
- 3.2. 机构营销沟通:仅在通过我们的偏好控制记录了明确同意的情况下,发布定制的品牌警报、农业收获预测和节日企业礼品机会。
4. 加密数据保护与保留生命周期
- 4.1. 安全基础设施:个人数据项在我们的运营服务器内的数据传输和存储阶段,会立即使用行业领先的安全套接层(SSL)和高级加密标准(AES-256)网络架构进行加密。
- 4.2. 保留限制:DDK 保留个人数据库日志的时间,严格限于实现初始物流履约目标、管理客户服务工作流程或维护马来西亚税务规则规定的法定商业审计合规性所需的历史时期。废弃的记录将进行永久性的加密清除。
5. 与第三方合作伙伴的合法基础设施限制
- 5.1. 禁止出售消费者资料:DDK 不向第三方数据经纪商或投机性广告机构出售、出租、交易或租赁客户数据资料。
- 5.2. 经授权的供应链共享:个人记录仅与我们整合的垂直履约网络中经验证的服务实体共享,严格限于:
- 国际冷链物流运营商:空运代理和本地温控快递网络,他们需要送货地址和电话联系点来协调产品的交接;
- 经验证的海关报关实体:在中国和香港运营的经授权的海关清关人员,用以处理农业进口申报,其中所有税费由 DDK 结算;
- 经认证的财务网关:处理信用卡结算的符合 PCI 标准的交易引擎。
6. 行使消费者数据权利
- 6.1. 个人数据主权权利:受区域法定边界的约束,消费者拥有访问其个人记录、要求纠正不准确数据、限制处理类型或完全撤回对关系营销同意的权利。
- 6.2. 记录隐私请求:要行使任何数据保护权利,个人可通过电子邮件发送正式请求至我们的指定数据保护官:privacy@dingdingking.com。DDK 将在修改或删除记录之前验证申请人的身份。