隐私政策

1. Types of Personal Data We Collect

1.1 Personal Identification Data

• Basic personal information: Full name, gender, date of birth, nationality, and identification document details (e.g., Malaysian IC number, passport number) (if required for customs clearance or order verification).
• Contact information: Email address (e.g., your registered email or cozyteacorner@outlook.com for communication), phone number, residential address, shipping address, and billing address.

1.2 Transaction and Order Data

• Order details: Order number, product purchased, quantity, price, payment amount, order date, delivery date, and order status.
• Payment information: Payment method (e.g., credit card, PayPal, Maybank2u), last 4 digits of credit card number (we do not store full credit card information; payment processing is handled by authorized third-party payment service providers), and transaction records.

1.3 Technical and Usage Data

• Device information: Device type, operating system, browser type and version, IP address, MAC address, and unique device identifiers.
• Usage data: Pages you visit on our Store, time and duration of visits, click-through rates, search queries, browsing history, and information about how you interact with our products and services.
• Cookies and tracking data: We use cookies and similar tracking technologies (e.g., web beacons) to collect information about your browsing behavior. For details, please refer to Section 6 "Cookies and Similar Technologies".

1.4 Other Relevant Data

• Communication records: Content of emails, messages, or calls between you and our customer service team (e.g., inquiries, complaints, return/refund requests).
• Marketing preferences: Your preferences for receiving marketing communications (e.g., newsletters, promotional offers) and your opt-in/opt-out records.
• Data provided voluntarily: Information you submit through surveys, reviews, feedback forms, or social media interactions with our Store.

2. Purposes of Collecting and Using Personal Data

• Processing and fulfilling your orders: Verifying your identity, processing payments, arranging delivery, updating order status, and providing after-sales services (e.g., returns, refunds, replacements).
• Providing customer support: Responding to your inquiries, resolving complaints, handling disputes, and providing you with information about our products and services.
• Sending marketing communications: Sending you newsletters, promotional offers, new product announcements, and other marketing materials that may be of interest to you, provided that you have given your explicit consent.
• Improving our products and services: Analyzing user behavior and feedback to optimize the design and functionality of our Store, enhance product quality, and develop new products or services that meet your needs.
• Ensuring the security of our services: Detecting and preventing fraud, unauthorized access, cyberattacks, and other security risks; complying with relevant security regulations and protecting the legitimate rights and interests of you and our Store.
• Complying with legal and regulatory obligations: Fulfilling obligations under Malaysian laws and regulations (e.g., tax filing, customs clearance, record-keeping requirements) and responding to requests from competent authorities (e.g., courts, regulatory bodies).
• Conducting business analysis and research: Anonymizing and aggregating personal data to conduct market research, statistical analysis, and business planning, which will not identify you individually.

3. How We Disclose and Share Personal Data

• With your explicit consent: We will share your personal data with third parties only if you have given your prior explicit consent, and we will inform you of the purpose and scope of the sharing.
• With service providers: We may share your personal data with authorized third-party service providers who assist us in providing services to you, such as: We will enter into confidentiality agreements with these third-party service providers, requiring them to process your personal data only in accordance with our instructions and relevant laws and regulations, and to take adequate security measures to protect your personal data.
  • Payment processors (e.g., PayPal, Stripe) to process payments securely;
  • Logistics and delivery companies (e.g., Pos Malaysia, GDEX) to arrange order delivery;
  • IT service providers to maintain the operation and security of our Store;
  • Marketing service providers to send marketing communications (with your consent);
  • Audit and accounting firms to fulfill financial and audit obligations.
• For legal and regulatory purposes: We may disclose your personal data to comply with legal obligations, respond to legal proceedings, or protect the legitimate rights and interests of our Store, you, or other third parties (e.g., preventing fraud or illegal activities).
• In the event of business transfer: If we undergo a merger, acquisition, restructuring, sale of assets, or other business transfer, your personal data may be transferred to the successor entity, provided that the successor entity will comply with this Privacy Policy and relevant laws to protect your personal data.
• Anonymized or aggregated data: We may share anonymized or aggregated data (which cannot identify you individually) with third parties for market research, academic research, or other legitimate purposes.

4. Storage and Protection of Personal Data

4.1 Storage Period

4.2 Storage Security

• Implementing data encryption technologies (e.g., SSL/TLS encryption) to protect data during transmission and storage;
• Using secure servers and access control systems to restrict access to personal data (only authorized personnel have access to your personal data);
• Regularly updating and maintaining security software and systems to prevent cyberattacks;
• Conducting security training for employees to enhance their awareness of data protection;
• Establishing emergency response plans for data breaches to minimize the impact of breaches.

5. Your Rights Regarding Personal Data

• Right of access: You have the right to request access to your personal data held by us, including the purpose of processing, the categories of data, and the third parties with whom the data has been shared.
• Right of correction: You have the right to request correction of any inaccurate or incomplete personal data held by us.
• Right to withdraw consent: If you have given consent for us to process your personal data for a specific purpose (e.g., marketing), you have the right to withdraw your consent at any time. Withdrawing consent will not affect the legality of data processing conducted before the withdrawal.
• Right to erasure (right to be forgotten): Under certain circumstances (e.g., the data is no longer necessary for the purpose of processing, or you withdraw consent and there is no other legal basis for processing), you have the right to request erasure of your personal data.
• Right to data portability: You have the right to request us to provide your personal data in a structured, commonly used, and machine-readable format, or to transmit the data to another data controller (where technically feasible).
• Right to object to processing: You have the right to object to the processing of your personal data for direct marketing purposes or for scientific/historical research or statistical purposes, where such processing is likely to cause substantial damage or distress to you.
• Right to complaint: If you believe that our processing of your personal data violates the PDPA or this Privacy Policy, you have the right to file a complaint with us or the Personal Data Protection Department (JPDP) of Malaysia.

6. Cookies and Similar Technologies

6.1 What Are Cookies

6.2 Types and Purposes of Cookies We Use

• Necessary cookies: These cookies are essential for the operation of our Store. They enable you to navigate the Store, use its features (e.g., adding products to the cart, processing payments), and access secure areas. Without these cookies, our services cannot be provided normally. We do not need your consent to use necessary cookies.
• Performance and analytics cookies: These cookies collect information about how you use our Store (e.g., which pages you visit most often, whether you encounter errors). We use this information to analyze and improve the performance of our Store, optimize user experience, and conduct market research. These cookies do not identify you individually.
• Functionality cookies: These cookies allow our Store to remember your preferences (e.g., language settings, shipping address) and provide personalized features. They may also be used to remember your login status (if you have an account with us) to avoid repeated login.
• Marketing cookies: These cookies are used to track your browsing behavior on our Store and other websites, and to send you targeted marketing communications (e.g., promotional offers, new product information) that may be of interest to you. We will only use marketing cookies if you have given your explicit consent.

6.3 Managing Cookies

7. Third-Party Links and Services

8. Children's Privacy

9. Changes to This Privacy Policy

10. Contact Us

• Email: cozyteacorner@outlook.com
• Shopify Store Message: Through the "Contact Us" section on cozyteacorner.myshopify.com
• Business Hours: Monday to Friday, 9:00 AM - 6:00 PM (Malaysia Time, GMT+8); excluding public holidays in Malaysia