PRIVACY & SECURITY POLICY

Effective Date: 2025-12-03

This Privacy & Security Policy (“Policy”) describes how Wisdsta (referred to as “Wisdsta,” “We,” “Us,” or “Our”), operating the website https://www.wisdsta.com (the “Website”), collects, uses, processes, and shares your Personal Information when you visit or make a purchase from the Website.

SECTION 1 – INTRODUCTION

Wisdsta is committed to protecting your privacy and ensuring the security of your Personal Information. This Policy outlines our practices regarding the collection, use, and disclosure of your information, in compliance with applicable data protection laws, including the European Union’s General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), and other relevant international standards. By accessing or using our Website, you acknowledge that you have read, understood, and agree to be bound by the terms of this Policy.

SECTION 2 – INFORMATION WE COLLECT

We collect various types of information to provide and improve our services, fulfill your orders, and enhance your experience on our Website. This information can be broadly categorized as follows:

2.1. Personal Information

This refers to information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you. We collect Personal Information you provide directly to us, such as when you create an account, place an order, subscribe to our newsletter, or contact customer support. This may include:

  • Contact Information: Name, shipping address, billing address, email address, phone number.
  • Account Information: Username, password (encrypted).
  • Demographic Information: Age, gender (optional).
  • User-Generated Content: Reviews, comments, or other content you submit to the Website.

2.2. Payment Information

When you make a purchase, we collect payment details necessary to process your transaction. This includes credit card numbers, debit card numbers, or other payment method details.
WE DO NOT DIRECTLY STORE FULL PAYMENT CARD NUMBERS ON OUR SERVERS. All payment transactions are processed securely by PCI-DSS compliant third-party payment processors (e.g., Shopify Payments, PayPal, Stripe). We only receive a tokenized version of your payment information, which allows us to process recurring payments if you opt for such services, without exposing your sensitive financial data.

2.3. Technical and Usage Information

When you access and use our Website, we automatically collect certain information about your device and browsing activity. This information helps us understand how our Website is used and to improve its functionality. This may include:

  • Device Information: IP address, device type, operating system, browser type, unique device identifiers.
  • Log Data: Pages viewed, referring/exit pages, date/time stamps, clickstream data.
  • Location Information: General geographical location derived from your IP address.
  • Cookie and Tracking Data: Information collected through cookies, web beacons, pixels, and similar technologies (as detailed in Section 6).

SECTION 3 – HOW WE USE YOUR INFORMATION

We use the information we collect for various business purposes, including:

3.1. Order Fulfillment and Service Provision

  • To process and fulfill your orders, including payment processing, shipping, and delivery.
  • To provide customer support, respond to your inquiries, and manage returns or exchanges.
  • To manage your account and provide you with access to our services.

3.2. Fraud Prevention and Security

  • To detect, prevent, and investigate fraudulent or unauthorized transactions and other illegal activities.
  • To protect the security and integrity of our Website and services.

3.3. Marketing and Promotional Communications

  • To send you promotional offers, newsletters, and marketing communications about our products and services, where you have provided your consent or where permitted by law.
  • To personalize your experience on our Website and present you with tailored content and advertisements.

3.4. Website Improvement and Personalization

  • To analyze and understand how our Website is used, to improve its functionality, performance, and user experience.
  • To conduct research and analytics to develop new products, services, and features.
  • To personalize your shopping experience, including displaying products and offers relevant to your interests.
  • To comply with applicable laws, regulations, legal processes, and governmental requests.
  • To enforce our Terms of Service and other policies.
  • To protect the rights, property, or safety of Wisdsta, our users, or the public.

SECTION 4 – SHARING OF INFORMATION

We may share your Personal Information with third parties for the purposes described in this Policy, under the following circumstances:

4.1. Third-Party Service Providers

We engage trusted third-party service providers to perform functions on our behalf and to assist us in operating our business. These providers have access to Personal Information only as needed to perform their functions and are contractually obligated to maintain the confidentiality and security of that information. Categories of service providers include:

  • E-commerce Platform Providers: Such as Shopify, which hosts our online store.
  • Payment Processors: To securely handle your payment transactions.
  • Logistics and Shipping Carriers: To deliver your orders (e.g., DHL, FedEx, local postal services).
  • Marketing and Advertising Partners: To manage our marketing campaigns and display relevant advertisements (e.g., Google, Meta, TikTok).
  • Analytics Providers: To help us understand Website usage (e.g., Google Analytics).
  • IT and System Support Providers: For website maintenance, data storage, and security.

4.2. Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your Personal Information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our Website of any such change in ownership or control of your Personal Information.

We may disclose your Personal Information if required to do so by law or in the good faith belief that such action is necessary to:

  • Comply with a legal obligation, such as a subpoena, court order, or other governmental request.
  • Protect and defend the rights or property of Wisdsta.
  • Prevent or investigate possible wrongdoing in connection with the Website.
  • Protect the personal safety of users of the Website or the public.

We may share your Personal Information with third parties when we have your explicit consent to do so.

4.5. International Data Transfers

Wisdsta operates globally, and our primary country of jurisdiction and operation is China. As such, your Personal Information may be transferred to, stored, and processed in China, or other countries where our service providers are located, which may have different data protection laws than those in your country of residence.

For transfers of Personal Information from the European Economic Area (EEA), the United Kingdom, or Switzerland to countries not deemed to provide an adequate level of data protection by the European Commission or relevant authorities, we implement appropriate safeguards. These safeguards typically include reliance on STANDARD CONTRACTUAL CLAUSES (SCCs) approved by the European Commission, or other legally recognized mechanisms, to ensure your data receives an equivalent level of protection as it would under GDPR. By using our Website and providing your Personal Information, you acknowledge and agree to such transfers.

SECTION 5 – SECURITY OF DATA

We are committed to protecting the security of your Personal Information. We implement a variety of technical and organizational measures designed to safeguard your data against unauthorized access, disclosure, alteration, and destruction. These measures include:

  • Encryption: We use Secure Socket Layer (SSL)/Transport Layer Security (TLS) encryption technology to protect data transmitted between your browser and our Website, particularly for sensitive information like payment details and login credentials.
  • Payment Card Industry Data Security Standard (PCI-DSS) Compliance: While we do not directly store full payment card numbers, our third-party payment processors are PCI-DSS compliant, ensuring the secure handling of your payment information.
  • Access Controls: We restrict access to Personal Information to authorized employees, contractors, and agents who need to know that information to process it for us and who are subject to strict contractual confidentiality obligations.
  • Regular Security Audits: We regularly review our information collection, storage, and processing practices, including physical security measures, to guard against unauthorized access to systems.

HOWEVER, NO METHOD OF TRANSMISSION OVER THE INTERNET, OR METHOD OF ELECTRONIC STORAGE, IS 100% SECURE. THEREFORE, WHILE WE STRIVE TO USE COMMERCIALLY ACCEPTABLE MEANS TO PROTECT YOUR PERSONAL INFORMATION, WE CANNOT GUARANTEE ITS ABSOLUTE SECURITY. ANY TRANSMISSION OF PERSONAL INFORMATION IS AT YOUR OWN RISK.

SECTION 6 – COOKIES AND TRACKING TECHNOLOGIES

We use cookies, web beacons, pixels, and similar tracking technologies to enhance your experience on our Website, analyze trends, administer the Website, track users’ movements around the Website, and gather demographic information about our user base as a whole.

6.1. What are Cookies?

Cookies are small data files that are placed on your device (computer, tablet, or mobile phone) when you visit a website. They are widely used to make websites work more efficiently, as well as to provide reporting information.

  • Session Cookies: These are temporary cookies that expire when you close your browser. They are used to remember your activity during a single browsing session.
  • Persistent Cookies: These cookies remain on your device for a set period or until you delete them. They are used to remember your preferences and actions across multiple visits.

6.2. How We Use Tracking Technologies

We use cookies and other tracking technologies for the following purposes:

  • Essential Cookies: Necessary for the Website to function properly, enabling core functionalities like security, network management, and accessibility.
  • Performance and Analytics Cookies: To collect information about how you use our Website, such as which pages you visit most often, to help us improve the Website’s performance and design. We use Google Analytics for this purpose.
  • Functionality Cookies: To remember choices you make (e.g., language or region) and provide enhanced, more personalized features.
  • Advertising and Targeting Cookies: To deliver advertisements relevant to your interests and to measure the effectiveness of our advertising campaigns. We use Meta Pixel (Facebook Pixel) and TikTok Pixel to track user interactions and optimize our advertising on these platforms.

6.3. Your Choices Regarding Cookies

Most web browsers are set to accept cookies by default. You can typically modify your browser settings to decline cookies or to notify you when a cookie is being placed. However, if you disable cookies, some features of our Website may not function properly.

6.4. “Do Not Track” Signals

Some web browsers may transmit “Do Not Track” (DNT) signals. Our Website does not currently respond to DNT signals. This means that we collect information about your activity on the Website even if you have a DNT signal activated in your browser.

SECTION 7 – YOUR RIGHTS (GDPR & GENERAL)

If you are a resident of the European Economic Area (EEA), the United Kingdom, or Switzerland, or if you are otherwise entitled to these rights under applicable law, you have certain rights regarding your Personal Information. We extend these rights to all our users where feasible and legally permissible. These rights include:

7.1. Right to Access

You have the right to request a copy of the Personal Information we hold about you.

7.2. Right to Rectification

You have the right to request that we correct any inaccurate or incomplete Personal Information we hold about you.

7.3. Right to Erasure (Right to be Forgotten)

You have the right to request the deletion of your Personal Information, under certain conditions.

7.4. Right to Restriction of Processing

You have the right to request that we restrict the processing of your Personal Information, under certain conditions.

7.5. Right to Data Portability

You have the right to receive your Personal Information in a structured, commonly used, and machine-readable format and to transmit that data to another controller, under certain conditions.

7.6. Right to Object to Processing

You have the right to object to our processing of your Personal Information, under certain conditions, particularly where we process your data based on legitimate interests or for direct marketing purposes.

Where we rely on your consent to process your Personal Information, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.

7.8. Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you believe that our processing of your Personal Information infringes applicable data protection laws.

To exercise any of these rights, please contact us using the details provided in Section 12 – CONTACT US. We may require you to verify your identity before responding to your request.

SECTION 8 – CALIFORNIA PRIVACY RIGHTS (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) grants you specific rights regarding your Personal Information. This section describes your CCPA/CPRA rights and explains how to exercise those rights.

8.1. Categories of Personal Information Collected

In the preceding 12 months, we have collected the following categories of Personal Information:

  • Identifiers: Name, postal address, email address, phone number, IP address, unique personal identifier, online identifier.
  • Commercial Information: Records of products or services purchased, obtained, or considered; purchasing or consuming histories or tendencies.
  • Internet or Other Similar Network Activity: Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.
  • Geolocation Data: Approximate physical location (derived from IP address).
  • Inferences: Derived from other personal information to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

8.2. Your CCPA/CPRA Rights

As a California resident, you have the following rights:

8.2.1. Right to Know

You have the right to request that we disclose to you the categories and specific pieces of Personal Information we have collected about you, the categories of sources from which the Personal Information is collected, the business or commercial purpose for collecting, selling, or sharing Personal Information, and the categories of third parties to whom we disclose Personal Information.

8.2.2. Right to Delete

You have the right to request the deletion of Personal Information that we have collected from you, subject to certain exceptions.

8.2.3. Right to Opt-Out of Sale/Sharing

You have the right to direct us to not “sell” or “share” your Personal Information at any time. Under CCPA/CPRA, “selling” includes disclosing Personal Information for monetary or other valuable consideration, and “sharing” includes disclosing Personal Information for cross-context behavioral advertising.
WISDSTA DOES NOT SELL YOUR PERSONAL INFORMATION IN THE TRADITIONAL SENSE FOR MONETARY GAIN. HOWEVER, WE MAY SHARE CERTAIN PERSONAL INFORMATION (SUCH AS DEVICE IDENTIFIERS AND BROWSING ACTIVITY) WITH THIRD-PARTY ADVERTISING PARTNERS (E.G., GOOGLE, META, TIKTOK) FOR CROSS-CONTEXT BEHAVIORAL ADVERTISING, WHICH MAY BE CONSIDERED A “SALE” OR “SHARING” UNDER CALIFORNIA LAW.
To exercise your right to opt-out, please click on the “Do Not Sell or Share My Personal Information” link typically found in our website footer, or contact us using the details in Section 12.

8.2.4. Right to Limit Use and Disclosure of Sensitive Personal Information

You have the right to limit our use and disclosure of your sensitive personal information (e.g., precise geolocation, racial or ethnic origin, religious or philosophical beliefs, union membership, content of mail, email, and text messages, genetic data, biometric information, health information, sexual orientation) to that which is necessary to perform the services or provide the goods reasonably expected by an average consumer who requests those goods or services. Wisdsta generally does not collect sensitive personal information beyond what is necessary for standard e-commerce operations.

8.2.5. Right to Non-Discrimination

We will not discriminate against you for exercising any of your CCPA/CPRA rights. This means we will not deny you goods or services, charge you different prices or rates, provide a different level or quality of goods or services, or suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

8.3. Exercising Your CCPA/CPRA Rights

To exercise your rights to know, delete, or opt-out, please submit a verifiable consumer request to us by:

  • Emailing us at wisdsta@sreah.com
  • Calling us at ‪+1 (667) 577-0651‬
  • Using the “Do Not Sell or Share My Personal Information” link on our Website (if available).

Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your Personal Information. You may also make a verifiable consumer request on behalf of your minor child. We will need to verify your identity before processing your request.

SECTION 9 – SMS/MMS MOBILE MARKETING

If you opt-in to receive SMS/MMS mobile marketing messages from Wisdsta, you agree to receive recurring automated promotional and personalized marketing text messages (e.g., cart reminders) from us at the phone number you provided. This service is subject to our Terms of Service and this Privacy Policy.

  • Consent: Your consent to receive marketing text messages is not a condition of any purchase.
  • Message Frequency: Message frequency will vary.
  • Message and Data Rates: Message and data rates may apply.
  • Opt-Out: You can opt-out of receiving SMS/MMS messages at any time by replying “STOP” to any message you receive from us. After you send the SMS message “STOP” to us, we will send you an SMS message to confirm that you have been unsubscribed. After this, you will no longer receive SMS messages from us. If you want to join again, just sign up as you did the first time, and we will start sending SMS messages to you again.
  • Help: For help, reply “HELP” to any message or contact us at wisdsta@sreah.com or ‪+1 (667) 577-0651‬.
  • TCPA Compliance: We adhere to the Telephone Consumer Protection Act (TCPA) and related regulations.

SECTION 10 – CHILDREN’S PRIVACY

Our Website is not directed to, and we do not knowingly collect Personal Information from, children under the age of 13 (in compliance with the Children’s Online Privacy Protection Act – COPPA) or under the age of 16 (in compliance with GDPR and CCPA/CPRA). If we become aware that we have inadvertently received Personal Information from a child under the applicable age without verifiable parental consent, we will delete that information from our records. If you believe that a child has provided us with Personal Information, please contact us immediately.

SECTION 11 – CHANGES TO THIS POLICY

We reserve the right to update or modify this Privacy & Security Policy at any time to reflect changes in our practices, legal requirements, or technological advancements. We will notify you of any material changes by posting the new Policy on this page and updating the “Effective Date” at the top of this Policy. We may also notify you via email or other prominent notice on our Website prior to the change becoming effective. Your continued use of the Website after any modifications to this Policy will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Policy.

SECTION 12 – CONTACT US

If you have any questions about this Privacy & Security Policy, our data practices, or if you wish to exercise any of your rights, please contact us:

Wisdsta
Website: https://www.wisdsta.com
Support Email: wisdsta@sreah.com
Phone Number: ‪+1 (667) 577-0651‬
Physical Address: China, Guangdong Province, Foshan City, Chancheng District, Foshan Creative Industry Park, No. 119