Last Updated: January 23, 2026

Company Name: Zhijiang Bingdan Trading Co., Ltd.

Address: Room 1105, Building 1, E-commerce Industrial Park, No. 28-1 Donghu Avenue, Majia Dian Street, Zhijiang City, Yichang, Hubei Province, China

Authorized Director: Chen Jianhua

Social Credit Code: 91420583MAK3LBHY7P

Email: service@mail.dimlov.com

Phone: 19272368146

Thank you for choosing Dimlov Department Store! We are dedicated to serving customers in the U.S. market, offering a wide range of products including home cleaning, digital gadgets, fashion accessories, and cultural creations. We view the security of your personal data and privacy protection as a core responsibility. This policy is based on the U.S. "Personal Information Protection Act," "Data Security Law," and the California Consumer Privacy Act (CCPA), among other relevant laws and regulations. It clearly outlines our measures for the collection, storage, use, and protection of user data to ensure your legal rights are fully safeguarded.

1. Data Collection Scope and Principles

We strictly follow the "minimum necessary" principle, collecting only the user data that is required to complete transactions and provide services. We do not collect unrelated information. The specific data we collect is as follows:

• Basic Identity Information: Name, contact information (email, phone), used for order communication and after-sales response.
• Transaction and Logistics Information: Payment account details, shipping address, logistics contact information, used for completing payment and shipping (3-5 business days for shipment, 7-10 business days for delivery tracking).
• Usage Behavior Information: Browsing history, product favorites, and order history, used solely to optimize recommendations and service experience, not for any other commercial purposes.

All data collection is based on your explicit consent, and you may withdraw your authorization at any time through customer service channels. Upon withdrawal, we will immediately stop collecting and using the relevant data.

2. Data Security Protection Measures

We have established a comprehensive data security protection system that combines both technical and managerial measures to prevent risks such as data leakage, tampering, and loss:

1. Data Storage Encryption: All user data is stored using encryption technology, and sensitive data such as payment information and shipping addresses is further protected using tokenization to replace plaintext transmission. Encryption keys are managed at multiple levels to ensure data storage security. Transaction logs and user data will be retained for at least three years as required by law and will be anonymized and deleted after the retention period.
2. Access Control: Data access is strictly restricted, and only authorized personnel are allowed to process user data. All operations are tracked to prevent unauthorized access.
3. Security Enhancements: Regular security vulnerability testing and repairs are performed on our servers and systems. Firewalls and intrusion detection systems are deployed to prevent network attacks and unauthorized access, ensuring a secure environment for data transmission and processing.
4. Third-Party Compliance: We sign data security agreements with third-party service providers (such as payment and logistics companies) to define the scope and responsibilities of data processing. We conduct regular audits to ensure their compliance and ensure that user data is not shared or misused without authorization.

3. Data Use and Sharing Regulations

1. Data Use Restrictions: User data is solely used to fulfill orders, provide after-sales support, and optimize service experiences. We will not use data for any other purposes or engage in practices such as "big data discrimination."
2. Data Sharing Constraints: We will never sell or share your personal data with third parties without your explicit consent. When sharing data with third parties (e.g., logistics providers), we will anonymize the data and only provide the information necessary to complete the service.
3. Cross-Border Data Transfer: User data is stored within the U.S. If cross-border transfer is required, we will strictly comply with U.S. regulations and ensure data security through security assessments or the signing of standard contractual clauses.

4. User Data Rights and Exercise

Under relevant U.S. regulations, you have the following data rights, and we will provide convenient channels to help you exercise these rights:

• Right to Know and Access: You may request to know the types and specific content of personal data we have collected about you.
• Right to Correct: If there is any incorrect information in your personal data, you may request us to correct it.
• Right to Delete ("Right to be Forgotten"): Subject to legal retention requirements and business necessities, you may request the deletion of your personal data.
• Right to Opt-Out: You can opt-out of having your information used for personalized recommendations and other non-essential services.

To exercise any of these rights, please email us at service@mail.dimlov.com. We will respond to your request within 15 business days.

5. Data Security Incident Response

In the event of a data security breach, we will immediately initiate an emergency response plan, including damage control, investigation, and remediation. Affected users will be notified within the time frame required by law, with details about the incident and the measures taken. We will also cooperate with regulatory authorities to minimize the impact on users.

6. Contact Us

If you have any questions, complaints, or suggestions regarding personal data security, you can contact us through the following methods:

• Customer Service Email: service@mail.dimlov.com
• Customer Service Hours: Monday to Friday, 9:00 AM to 6:00 PM (UTC+8:00)

This policy will be updated as needed based on regulatory changes or business adjustments. Any changes will be communicated to you separately. We are committed to protecting your data security in a compliant and rigorous manner, and we thank you for your trust and understanding!

This policy is owned by Dimlov Department Store, and any issues not covered herein will be governed by applicable U.S. data security laws and regulations.