Last Updated: March 19, 2026

Company Name: 汝城县史骏燕商贸有限公司

Address: 湖南省郴州市汝城县土桥镇湘粤赣边际（汝城）商贸物流园8#栋5层B357室

Legal Representative: Yang Huanhuan

Unified Social Credit Code: 91431026MAK4401F8W

Sovikl Data Security Policy

Welcome to Sovikl. We operate niche department store products in Australia and prioritize the security of your personal data. This policy outlines our measures, responsibilities, and your rights regarding personal data security, in strict compliance with the Australian Consumer Data Right (CDR) and relevant regulations. By using our services or purchasing products, you agree to this policy in full.

Customer Service Contact:

• Email: service@mail.sovikl.com
• Phone: +86 19292365341
• Working Hours: Monday to Friday, 9:00 AM – 6:00 PM (UTC+8:00)

If you have any data security questions, please contact us during working hours.

1. Data Security Principles

We follow the principles of “lawful and compliant, minimal necessary, secure and controllable” when handling your personal data during the shopping process. We do not collect irrelevant data, misuse, or disclose your data, and we fulfill our responsibilities to protect it.

2. Scope of Data Protection

We only protect the necessary data you actively provide when shopping, including:

• Order and Delivery Data: Name, shipping address, phone number, and email, used for order confirmation, logistics tracking, and ensuring in-stock orders ship within 1–2 business days (excluding weekends and public holidays) and arrive within 5–7 business days.
• Order and Transaction Data: Order number, product details, order time, and payment-related information, used for order processing, reconciliation, and after-sales support.
• Inquiry and Communication Data: Chat records and consultation content with customer service, used to respond to questions and assist with order edits within 12 hours of placement.

We do not collect unrelated information (e.g., location, device information).

3. Data Security Measures

To prevent data breaches, tampering, loss, or misuse, we implement the following security measures:

• Technical Protection: SSL encryption for data transmission and storage, regular backups, and system vulnerability checks.
• Access Control: Only authorized personnel can access personal data; unauthorized access, use, or tampering is strictly prohibited.
• Process Standards: Clear standards for the full data lifecycle, storing data only as long as necessary, with deletion or anonymization after the retention period.
• Partner Control: Logistics providers are only given necessary delivery data, with clearly defined data security responsibilities.

4. Data Usage and Sharing Guidelines

1. Data Usage: Personal data is used only for shopping-related services (order processing, delivery, modifications, after-sales), and never for other purposes without your written consent.
2. Data Sharing: Personal data is not shared or sold arbitrarily. Data may only be shared legally in the following cases: With logistics providers for delivery purposes; When disclosure is required by laws, regulations, or judicial/administrative authorities; With your written consent for specified purposes.

5. Your Data Security Rights

Under applicable regulations, you have the following rights, which we fully support:

• Right to Access: Access details of your personal data.
• Right to Correction: Request correction of inaccurate or incomplete personal data.
• Right to Deletion: Request deletion of personal data beyond the necessary scope (except where retention is legally required).
• Right to Information: Understand how personal data is processed, stored, and shared.

To exercise these rights, contact customer service and provide valid identification. We will respond promptly.

6. Data Security Responsibility and Emergency Response

1. We designate personnel responsible for data security, conduct regular security checks, and provide staff training to fulfill our data protection obligations.
2. We have an emergency response plan. In the event of a data security incident, we will immediately take remedial measures, inform you, and report according to applicable regulations.

7. Policy Updates and Revisions

We may update this policy periodically in response to legal changes or service improvements. Updates will be published on our platform and take effect immediately. Continued use of our services constitutes agreement to the updated policy.

8. Disclaimer

1. We are not responsible for data security issues caused by your own actions.
2. In the event of force majeure affecting data security, we will take remedial measures within our capacity.
3. We are not directly responsible for data handling by third parties (e.g., logistics or payment platforms).