Last Updated: January 18, 2025

1. About Us

Our official and exclusive website address: https://5elementslink.com

Our official and exclusive contact email: 5elementslink@gmail.com

2. Information We Collect and Legal Bases for Processing

We collect the following information based on different business scenarios, and each data collection activity has a legal basis, as detailed below:

  • Order Information: Collected content includes name, shipping address, email address, phone number, payment details (processed via PayPal, international credit cards, Google Pay, and Apple Pay) and the type of products in the order. The legal basis is the performance of a contract (the purchase agreement between you and us).
  • Account Information: Collected content includes username, email address, and encrypted password. The legal basis is the performance of a contract (the account service agreement).
  • Browsing Data: Collected content includes shopping cart items, product browsing history, website interaction activities (collected via Cookies). The legal basis is legitimate interest (optimizing website performance and enhancing user experience).
  • Comments and Submitted Content: Collected content includes text content, uploaded images, email address. The legal basis is user consent (your active submission constitutes consent).
  • Marketing-Related Information: Collected content includes subscription status, marketing preferences. The legal basis is user consent (your active subscription constitutes consent).

(Legal Basis: GDPR Article 6)

3. How We Use Your Information

  • Process and complete your order (including custom 3D-printed packaging boxes based on order products), logistics and shipping, and payment processes
  • Personalize your shopping experience and recommend suitable products for you
  • If you actively subscribe, send you marketing emails about new product launches, promotions, etc. (you can unsubscribe at any time)
  • Detect and prevent fraudulent activities and spam
  • Fulfill legal obligations (such as tax declaration, compliance with GDPR regulations)

4. Payment Processing

We process payment transactions using PayPal, international credit cards ( Visa, MasterCard, American Express (Amex), JCB, Discover, Diners Club ), Google Pay and Apple Pay. All payment services comply with the Payment Card Industry Data Security Standard (PCI DSS), with specific compliance details as follows:

  • We do not store sensitive payment data such as full credit card numbers, CVV codes, or expiration dates, and only retain necessary records such as transaction amount and payment time;
  • Links to relevant privacy policies are as follows:
  • If you cannot access the above links, you can contact us via the official exclusive email to obtain the complete policy text.

(Legal Basis: PCI DSS Requirement 3.2: Prohibition of storing sensitive authentication data)

5. Cross-Border Data Transfer

Your relevant data may be transmitted and stored on the servers of Hostinger (our web hosting provider) and payment processors (PayPal, international credit card payment service providers, Google Pay, and Apple Pay).

  • For EU user data: We have signed the EU Standard Contractual Clauses (SCC) with Hostinger to ensure cross-border data transfer complies with GDPR Article 46;
  • All data transfers use SSL encryption technology and strictly adhere to GDPR data security regulations.

(Legal Basis: GDPR Articles 44-49: Cross-border data transfers require appropriate safeguards)

6. Data Breach Notification

In the event of a data breach that may affect the security of your personal data, we will notify you via the official exclusive email within 72 hours, informing you of the type of leaked data, the scope of impact, and remedial measures. At the same time, we will cooperate with regulatory authorities to complete the investigation and follow-up handling.

7. Children’s Privacy Protection

Our services are not intended for children under the age of 13 (U.S. COPPA requirement) and we do not actively collect personal data of minors under the age of 16 (EU GDPR requirement);

If we find that we have inadvertently collected personal data of a minor under the age of 16, the guardian can contact us via the official exclusive email. We will confirm the request within 1 working day and delete the relevant data within 3 working days.

(Legal Basis: GDPR Article 8, U.S. COPPA 15 USC § 6501, etc.)

8. Marketing Email Unsubscription Rules

After subscribing to marketing emails, you can unsubscribe with one click via the “Unsubscribe” link at the bottom of each email, or apply to unsubscribe via the official email. After submitting the unsubscribe request, we will stop sending you marketing emails within 24 hours and will not contact you for marketing purposes again.

9. Privacy Rights You Enjoy

9.1 EU Users (GDPR Rights)

You have the right to:

  • Access your personal data stored by us (Right to Access);
  • Request correction of any inaccurate personal data (Right to Rectification);
  • Request deletion of your personal data (Right to Erasure/Right to be Forgotten, subject to legal requirements);
  • Object to the use of your personal data for marketing purposes (Right to Objection);
  • Withdraw your consent at any time (Right to Withdraw Consent);
  • Request your personal data in a structured, machine-readable format (e.g., CSV/JSON) and transmit it to another data controller (Right to Data Portability);
  • Request restriction or suspension of the processing of your personal data (Right to Restriction of Processing).
9.2 California (USA) Users (CCPA/CPRA Rights)

If you are a user in California, USA, you are entitled to additional rights under the California Consumer Privacy Act (CCPA/CPRA):

  • Request a download of your personal data stored by us;
  • Request that we not use your personal data for third-party targeted advertising;
  • Request that we not sell your personal data (we do not sell any user data).
Instructions for Exercising Rights
  • To exercise the above rights, please contact us via the official exclusive email: 5elementslink@gmail.com;
  • We will respond to user rights requests within 1 month. For special and complex cases, the period may be extended by 2 months, and we will notify you of the reason via email in advance;
  • To ensure data security, we may require you to provide identity verification information (such as order number, registered email) before processing the request.

(Legal Basis: GDPR Articles 15-20, CCPA § 1798.100, etc.)

10. Data Retention Period

We will retain your information based on the purpose of data use, with the following periods:

  • Order Data: Retained for 1 year after the order is completed (for tax declaration and after-sales tracking);
  • Account Data: Retained continuously during your account registration period, and deleted within 30 days after account cancellation;
  • Comments/Submitted Content: Retained for 2 years after publication if you do not actively delete it;
  • Marketing Data: Retained for 30 days after you unsubscribe (to confirm the unsubscription status).

11. Contact Us

If you have any questions about this Privacy Policy, please contact us via the official exclusive email: 5elementslink@gmail.com