Privacy Policy

Xiamen YESHENG Communication Equipment Co., Ltd. (“YESHENG,” “we,” “us,” or “our”) is committed to protecting the privacy and security of your personal data. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website www.yesservice.cn or engage with our services. We process personal data in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws.

01 Information We Collect
02 How We Use Your Information
03 Data Sharing & Disclosure
04 Data Security
05 Cookies & Tracking Technologies
06 Your Rights
07 Data Retention
08 International Data Transfers
09 Children’s Privacy
10 Changes to This Policy
11 Contact Us

01 Information We Collect

We may collect and process the following categories of personal data:

Information You Provide Directly

Contact Information: name, email address, phone number, company name, and job title when you submit an inquiry form, request a quote, or contact us directly.
Business Information: details about your company, service requirements, device types, and repair specifications provided in connection with our services.
Communications: the content of emails, messages, and other correspondence you send to us.

Information Collected Automatically

Device & Browser Data: IP address, browser type and version, operating system, device identifiers, and screen resolution.
Usage Data: pages visited, time spent on pages, referral URLs, click patterns, and navigation paths.
Location Data: approximate geographic location derived from your IP address.
Cookies & Similar Technologies: information collected through cookies, web beacons, and similar tracking technologies (see Section 5).

Information from Third Parties

Business Partners: we may receive your contact details from business partners, distributors, or referral networks in connection with potential service engagements.
Analytics Providers: aggregated or pseudonymized data from third-party analytics services.

02 How We Use Your Information

We use the personal data we collect for the following purposes:

Service Delivery: to process your inquiries, provide quotes, manage repair and service orders, and deliver our after-sales and logistics services.
Communication: to respond to your requests, send service updates, and provide customer support.
Business Operations: to manage our business relationship with you, process transactions, and maintain our records.
Website Improvement: to analyze usage patterns, optimize our website performance, and enhance the user experience.
Marketing: to send relevant industry updates, service information, and promotional materials where you have given your consent or where we have a legitimate business interest (you may opt out at any time).
Legal Compliance: to comply with applicable laws, regulations, and legal processes.
Security: to detect, prevent, and respond to fraud, unauthorized access, and other security threats.

Legal Bases for Processing (GDPR): We process your personal data based on one or more of the following legal grounds: (a) your consent; (b) performance of a contract; (c) compliance with a legal obligation; or (d) our legitimate business interests, provided these do not override your fundamental rights and freedoms.

03 Data Sharing & Disclosure

We do not sell your personal data. We may share your information with the following categories of recipients only as necessary:

Service Providers: trusted third-party vendors who assist us with website hosting, analytics, email delivery, and IT infrastructure, bound by contractual obligations to protect your data.
Business Partners: logistics providers, component suppliers, and other partners involved in fulfilling your service orders.
Professional Advisors: legal, accounting, and audit professionals as required for our business operations.
Legal Authorities: government bodies, regulators, or law enforcement agencies when required by applicable law, regulation, court order, or to protect our legal rights.
Corporate Transactions: in connection with a merger, acquisition, reorganization, or sale of assets, where your data may be transferred as part of the transaction, subject to continued protection under this policy.

All third parties with whom we share data are required to implement appropriate technical and organizational measures to safeguard your personal information.

04 Data Security

Protecting your personal data is a top priority. We implement comprehensive technical and organizational security measures to safeguard your information against unauthorized access, alteration, disclosure, or destruction.

Our commitment to data security is validated by internationally recognized certifications:

ISO 9001 — Quality Management

ISO 27001 — Information Security

ISO 27701 — Privacy Information Management

Our security measures include, but are not limited to:

Encryption of data in transit (TLS/SSL) and at rest.
Role-based access controls with the principle of least privilege.
Regular security assessments, vulnerability scanning, and penetration testing.
Incident response procedures and breach notification protocols.
Employee training on data protection and information security best practices.
Physical security controls at all our facilities, including our Xiamen headquarters and service centers.

While no method of data transmission or storage is 100% secure, we continuously review and strengthen our security practices to maintain the highest level of protection.

05 Cookies & Tracking Technologies

Our website uses cookies and similar technologies to enhance your browsing experience and to help us understand how our site is used.

Types of Cookies We Use

Essential Cookies: required for the website to function properly, such as session management and security features. These cannot be disabled.
Analytics Cookies: help us understand visitor behavior, page views, and traffic sources. We use Google Analytics to collect aggregated, anonymized usage data.
Functional Cookies: remember your preferences (such as language selection) to provide a more personalized experience.

Managing Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to block or delete cookies. Please note that disabling certain cookies may affect the functionality of our website.

For more information about cookies and how to manage them, visit www.allaboutcookies.org.

06 Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

Under the GDPR (EEA/UK Residents)

Right of Access: request a copy of the personal data we hold about you.
Right to Rectification: request correction of inaccurate or incomplete personal data.
Right to Erasure: request deletion of your personal data (“right to be forgotten”).
Right to Restriction: request that we limit the processing of your personal data.
Right to Data Portability: receive your personal data in a structured, commonly used, and machine-readable format.
Right to Object: object to the processing of your personal data, including for direct marketing purposes.
Right to Withdraw Consent: withdraw your consent at any time where processing is based on consent.
Right to Lodge a Complaint: file a complaint with your local data protection supervisory authority.

Under the CCPA (California Residents)

Right to Know: request disclosure of the categories and specific pieces of personal information we have collected about you.
Right to Delete: request deletion of personal information we have collected from you.
Right to Opt-Out: opt out of the “sale” of personal information. Note: we do not sell personal information.
Right to Non-Discrimination: exercise your privacy rights without receiving discriminatory treatment.

To exercise any of these rights, please contact us using the details provided in Section 11. We will respond to verified requests within the timeframes required by applicable law (typically 30 days under GDPR, 45 days under CCPA).

07 Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

Active Business Relationship: for the duration of our business relationship and the provision of services.
Legal Obligations: as required by applicable tax, accounting, and regulatory requirements (typically 5–7 years for financial records).
Dispute Resolution: for the period necessary to establish, exercise, or defend legal claims.
Inquiry Records: website inquiry data is retained for up to 24 months from the date of your last interaction, unless a longer period is required by law or an ongoing business relationship.

When personal data is no longer needed, we securely delete or anonymize it in accordance with our data retention policies and applicable legal requirements.

08 International Data Transfers

As a company headquartered in Xiamen, China, with clients and partners worldwide, your personal data may be transferred to and processed in countries outside your country of residence, including the People’s Republic of China.

When we transfer personal data internationally, we implement appropriate safeguards to ensure your data receives an adequate level of protection, including:

Standard Contractual Clauses (SCCs): EU-approved contractual clauses that provide adequate protection for personal data transferred outside the EEA.
Data Processing Agreements: binding agreements with all service providers and partners that require them to protect your data in accordance with this policy.
ISO 27001 & ISO 27701 Compliance: our certified information security and privacy management systems apply across all our operations and facilities globally.
Technical Safeguards: encryption, access controls, and other technical measures that protect data regardless of where it is processed.

By engaging with our services, you acknowledge that your data may be transferred internationally. If you have questions about our data transfer practices, please contact us.

09 Children’s Privacy

Our website and services are directed to businesses and professionals. We do not knowingly collect, use, or disclose personal data from individuals under the age of 16 (or the applicable age of consent in your jurisdiction).

If we become aware that we have inadvertently collected personal data from a child, we will take prompt steps to delete such information from our systems. If you believe that we may have collected information from a child, please contact us immediately using the details in Section 11.

10 Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will:

Update the “Last Updated” date at the top of this page.
Post a notice on our website to inform you of significant changes.
Where required by law, obtain your consent before implementing changes that affect how we process your data.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.

11 Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact us:

Xiamen YESHENG Communication Equipment Co., Ltd.

Building D, Xiangyu Bonded Logistics Park, Xiamen, Fujian, China

Lisa.ling@YesService.cn

+852 9137 6265

www.yesservice.cn

For GDPR-related inquiries, you may also contact your local data protection supervisory authority. We aim to respond to all legitimate requests within 30 days.

Contents