Privacy Policy
Emily Group is committed to protecting your personal information and your right to privacy. This policy explains how we collect, use, and safeguard your data.
Last updated:
1. Overview
Who we are and what this policy covers
Emily Group ("we," "us," or "our") operates this website and related digital services. This Privacy Policy applies to all personal data we collect through our website, inquiry forms, email communications, and any other interactions you have with us.
We process personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant regional regulations.
By using our website or submitting your information to us, you acknowledge that you have read and understood this Privacy Policy.
2. Information We Collect
Types of data we gather and how
2.1 Information You Provide Directly
- Contact details: name, email address, phone number, company name, and job title submitted via inquiry or contact forms.
- Business information: product requirements, order specifications, and procurement details you share with us.
- Communications: messages, emails, and attachments you send to our team.
2.2 Information Collected Automatically
- Technical data: IP address, browser type and version, operating system, device identifiers, and time zone.
- Usage data: pages visited, time spent on pages, referring URLs, and click-through paths.
- Cookie data: session identifiers and preference settings (see Section 7 for details).
2.3 Information from Third Parties
We may receive limited information about you from business partners, trade directories, or publicly available sources for the purpose of B2B outreach, always in compliance with applicable law.
3. How We Use Your Data
Purposes and legal bases for processing
We use your personal data only for the purposes described below, each grounded in a lawful basis under applicable data protection law:
| Purpose | Lawful Basis |
|---|---|
| Responding to inquiries and providing quotations | Contractual necessity / Legitimate interest |
| Processing orders and managing business relationships | Contractual necessity |
| Sending product updates and marketing communications | Consent / Legitimate interest |
| Improving website performance and user experience | Legitimate interest |
| Complying with legal and regulatory obligations | Legal obligation |
| Fraud prevention and security monitoring | Legitimate interest / Legal obligation |
We will never sell your personal data to third parties for their own marketing purposes.
4. Data Sharing & Disclosure
When and with whom we share your information
We do not sell, rent, or trade your personal data. We may share your information only in the following limited circumstances:
Service Providers
Trusted third-party vendors who assist us in operating our website, conducting business, or servicing you (e.g., cloud hosting, CRM, email delivery). These parties are contractually bound to keep your data confidential and may not use it for any other purpose.
Business Partners
Where necessary to fulfill an order or service request, we may share relevant details with logistics providers, customs agents, or manufacturing partners -- strictly on a need-to-know basis.
Legal Requirements
We may disclose your data if required by law, court order, or governmental authority, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
Business Transfers
In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction. We will notify you before your data becomes subject to a different privacy policy.
5. Confidentiality & Data Security
How we protect your information
Emily Group takes the security of your personal and business data seriously. We implement appropriate technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction.
SSL / TLS Encryption
All data transmitted between your browser and our servers is encrypted in transit.
Access Controls
Access to personal data is restricted to authorized personnel on a strict need-to-know basis.
Regular Security Audits
We conduct periodic reviews of our data handling practices and security infrastructure.
Data Minimization
We collect only the data necessary for the stated purpose and retain it no longer than required.
Data Breach Response: In the event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay, as required by law.
Data Retention
We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy, or as required by law. Business inquiry records are typically retained for up to 5 years. You may request deletion at any time (see Section 6).
International Transfers
If your data is transferred outside your country of residence, we ensure appropriate safeguards are in place -- such as Standard Contractual Clauses (SCCs) approved by the European Commission -- to maintain an equivalent level of protection.
6. Your Rights
Control over your personal data
Depending on your location, you may have the following rights regarding your personal data. We honor all valid requests within the timeframes required by applicable law (typically 30 days).
Request a copy of the personal data we hold about you, including information on how it is used and with whom it is shared.
Request correction of inaccurate or incomplete personal data we hold about you.
Request deletion of your personal data ("right to be forgotten"), subject to our legal obligations to retain certain records.
Receive your personal data in a structured, commonly used, machine