Privacy Policy

Effective for: ECOVERSE INNOVATIONS LIMITED
Last Updated: December 30, 2025
Applicable Platforms: Microsoft Advertising, Google Ads (for product sales and advertising)

Note

To align with the privacy standards of Microsoft and Google, this Privacy Policy retains all original content of our existing policy and adds supplementary provisions to meet the requirements of Microsoft Advertising, Google Ads, and global data protection regulations (e.g., GDPR, CCPA, EU-U.S. Data Privacy Framework). The English version of this policy shall prevail for consistency across global platforms; translated versions are provided for convenience without altering the official content.

Compliance with 30 Economic Regions: This policy applies to all major markets including EU (Germany, France, UK, Italy, Spain, Netherlands, Belgium, Sweden, Denmark, Finland, Norway, Switzerland), US, Canada, Australia, New Zealand, Japan, South Korea, Singapore, Hong Kong, Taiwan, China (Shanghai, Beijing), UAE (Dubai), Saudi Arabia, Israel, Brazil, Mexico, Argentina, Chile, Colombia, Peru, and Indonesia.

1. Who We Are

Our company entity is ECOVERSE INNOVATIONS LIMITED, and our website address is: https://astridyn.com.

1.1 Contact Information

• General Privacy Inquiries:
  Phone Number: [+64 21 02698074]
  Email: info@astridyn.com
• Data Protection Officer (DPO):
  For privacy complaints, data requests related to Microsoft/Google platforms, or inquiries about cross-border data transfers:
  Email: info@astridyn.com
  Response Time: We will acknowledge receipt within 7 business days and complete processing within 15 business days.

1.2 Data Security Commitments

• We use SSL encryption for sensitive data (e.g., credit card information) and comply with the PCI DSS (Payment Card Industry Data Security Standard) to protect payment data.
• We adopt access control mechanisms (e.g., role-based permissions) to restrict employee access to personal data, and conduct quarterly security audits to align with Microsoft Azure and Google Cloud security standards.

2. Our Purpose for Collecting Information

We collect personal information solely to:

1. Provide, maintain, and improve our website and e-commerce services (including processing orders, managing accounts, coordinating logistics, and providing customer support);
2. Communicate with you (including sending service-related updates, order notifications, and promotional offers with your consent);
3. Protect our rights and the security of our website (e.g., preventing fraud, detecting spam);
4. Adapt to Microsoft Advertising and Google Ads requirements: Optimize ad delivery, provide personalized ads (only with explicit user consent), and track ad performance (e.g., click-through rates, conversion rates);
5. Analyze user shopping behavior (e.g., product browsing history, search keywords) to improve product recommendations and website user experience.

We will never sell your personal information to third parties for their marketing purposes (consistent with Microsoft and Google’s privacy commitments).

3. Personal Data We Collect

In addition to the data specified in the original policy, we collect the following information to support e-commerce operations and compliance with Microsoft/Google platforms:

3.1 Order & Payment Data

• Order details: Order number, purchased product information (name, model, quantity), order status, and transaction time;
• Shipping information: Recipient name, delivery address, contact phone number, and logistics tracking number;
• Payment data: Payment method (e.g., credit card, PayPal), transaction amount (desensitized to exclude full card numbers), and payment status (compliant with Microsoft’s payment data security requirements and Google’s financial data protection standards).

3.2 Device & Usage Data

• Device information: Device model, operating system (OS) version, browser type, screen resolution, and unique device identifiers (e.g., Android Advertising ID, iOS IDFA) (used for ad targeting on Microsoft/Google platforms);
• Usage data: IP address, access time, pages visited (e.g., product detail pages), browsing duration, search keywords (on our website), and ad interaction records (e.g., clicks on Microsoft/Google ads, ad views).

3.3 Ad-Related Data

• Data shared with Microsoft Advertising/Google Ads: Ad click records, conversion data (e.g., whether a click leads to a purchase), and user preferences (e.g., product categories of interest) (used to optimize ad relevance and avoid redundant ad delivery);
• Consent records: Proof of user consent for personalized ads (stored for at least 1 year to comply with Microsoft/Google’s audit requirements).

3.4 Comment & Account Data

• Retain the original “comment data (including IP address, browser user agent string)” and “user registration data” (e.g., username, email address, password hash);
• Comment data will not be used for ad targeting on Microsoft/Google platforms unless explicit user consent is obtained.

4. Comments

When visitors leave comments on the site, we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

• An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
• Supplementary Provision: We will not share comment data with Microsoft Advertising, Google Ads, or other third parties for marketing purposes unless you explicitly agree.

5. Cookies

We retain all original Cookie provisions and add the following to align with Microsoft and Google’s Cookie policies:

5.1 Existing Cookie Types (Retained)

• Comment cookies (1 year, save name/email/website for convenience);
• Temporary login cookies (deleted when the browser is closed, to check Cookie support);
• Login cookies (2 days, save login information; 2 weeks if “Remember Me” is selected);
• Screen options cookies (1 year, save display preferences);
• Article editing cookies (1 day, save post ID of edited articles).

5.2 Supplementary Cookie Classification & Details

Cookie Type	Purpose	Retention Period	Compliance Basis
Functional Cookies	Enable core e-commerce functions (e.g., saving shopping cart items, remembering login status)	1 year	Microsoft Cookie Policy, Google Cookie Standards
Analytical Cookies	Track website performance (e.g., page load speed, bounce rate) to improve services	6 months	Same as above
Advertising Cookies	Support Microsoft/Google ad targeting (e.g., delivering ads based on product browsing history)	3 months (or until user disables)	User consent, Google Ads Cookie Policy

5.3 Cookie Control Tools

You can manage or disable cookies through the following channels (consistent with Microsoft and Google’s user control requirements):

• Browser settings: Disable cookies in Chrome (Settings > Privacy and security > Cookies and other site data), Firefox (Settings > Privacy & Security > Cookies), or Edge (Settings > Cookies and site permissions > Manage and delete cookies and site data);
• Microsoft Advertising settings: Adjust personalized ad preferences or disable ad cookies at: https://account.microsoft.com/privacy/ad-settings/;
• Google Ads settings: Manage ad cookies or reset your Advertising ID at: https://myaccount.google.com/adsettings;
• Device-level control: Reset your Advertising ID (Android: Settings > Privacy > Ads; iOS: Settings > Privacy & Security > Ads).

All cookie usage complies with global data protection laws (e.g., GDPR, CCPA) and Microsoft/Google’s Cookie policies.

6. Who We Share Your Data With

We will NOT sell or disclose your personal data to irrelevant third parties. In addition to the original “password reset IP inclusion” provision, we share data with the following third parties only for necessary business purposes (aligned with Microsoft and Google’s third-party sharing standards):

6.1 Authorized Third-Party Categories

Third-Party Type	Partners (Examples)	Purpose of Data Sharing	Data Shared (Desensitized)	Third-Party Privacy Policies
Payment Service Providers	PayPal, Stripe, VISA	Process payments securely (compliant with Microsoft’s secure checkout requirements)	Transaction amount, payment method (no full card numbers)	PayPal, Stripe
Logistics Providers	DHL, FedEx, UPS, local courier services	Deliver orders and update logistics status	Recipient name, delivery address, contact phone (masked)	DHL, FedEx
Advertising Partners	Microsoft Advertising, Google Ads	Deliver personalized ads, track ad performance (e.g., conversions)	Ad click records, device Advertising ID, product preferences	Microsoft, Google
Analytics Providers	Google Analytics, Microsoft Clarity	Analyze website traffic and user behavior to improve services	IP address (anonymized), page views, browsing duration	Google, Microsoft

6.2 Data Sharing Principles

• We only share the minimum necessary data (e.g., no full payment card numbers or complete IP addresses);
• We require all third parties to sign data processing agreements (DPAs) to comply with Microsoft/Google’s privacy standards and prevent data misuse;
• We do not share sensitive data (e.g., passwords, ID numbers) with any third party.

7. How Long We Retain Your Data

We retain data in compliance with legal requirements and Microsoft/Google’s data retention standards. In addition to the original provisions, we specify the following retention periods for supplementary data:

Data Type	Retention Period	Reason
Order & Shipping Data	3 years after order completion (or longer if required by tax laws)	Facilitate order inquiries, returns, and tax compliance
Payment Data	1 year after transaction completion (desensitized storage)	Prevent payment fraud and comply with PCI DSS requirements
Ad-Related Data	6 months after ad campaign ends (or until user requests deletion)	Track ad performance and align with Microsoft/Google’s audit cycles
Device & Usage Data	1 year after the user’s last website visit (anonymized after retention)	Improve user experience and avoid redundant data storage
Comment Data	Indefinitely (retained to auto-approve follow-up comments)	Same as original policy

7.1 User Control Over Retention

You can request to shorten the retention period (except for data required by law) through:

• Your ECOVERSE INNOVATIONS LIMITED account center (if registered): Apply to delete order data or ad-related data;
• Contacting our team (email: info@astridyn.com) with the subject line “Data Retention Adjustment Request: [Your Registered Email/Name]”.

8. What Rights You Have Over Your Data

In addition to the original rights (export data, erase data, opt out of marketing), we add the following rights to align with Microsoft and Google’s user privacy standards:

8.1 Supplementary User Rights

• Right to restrict data processing: Request to pause the use of your data for Microsoft/Google ad targeting (e.g., if you no longer want to see personalized ads);
• Right to data portability: Request to export your data (e.g., order history, account information) in CSV/JSON format and send it to a third party (e.g., another e-commerce platform);
• Right to correct inaccurate data: Update incorrect information (e.g., wrong delivery address, outdated phone number) through your account center or by contacting support.

8.2 Convenient Control Channels

• ECOVERSE INNOVATIONS LIMITED Privacy Dashboard (if registered): Access at https://astridyn.com/privacy-dashboard to view, export, or delete your data in real time;
• Microsoft/Google Platform Integration: Adjust how your data is used in Microsoft Advertising/Google Ads directly through their official privacy tools (links provided in Section 5.3);
• Opt-out of Ad Targeting: Reply to any marketing email with “Opt out of ad targeting” or contact our team (email: info@astridyn.com) to stop your data from being used for personalized ads (takes effect within 7 business days).

These rights comply with global regulations (e.g., GDPR, CCPA, EU-U.S. Data Privacy Framework) and Microsoft/Google’s user rights commitments.

9. Where Your Data Is Sent

Visitor comments may be checked through an automated spam detection service. We add the following provisions to address cross-border data transfers (required by Microsoft and Google for global operations):

9.1 Cross-Border Data Transfer Compliance

• Applicable Frameworks: We comply with the EU-U.S. Data Privacy Framework, UK Extension to the EU-U.S. DPF, and Swiss-U.S. Data Privacy Framework (consistent with Microsoft and Google’s cross-border standards) to ensure data transfers to the U.S. or other regions are legal;
• Data Storage Locations: Your personal data is primarily stored in:
  – EU servers (e.g., Microsoft Azure Frankfurt, Google Cloud Brussels) to comply with GDPR;
  – U.S. servers (only for users in the U.S.) to align with Microsoft/Google’s regional data storage requirements.

9.2 Notification of Transfer

If your data is transferred outside the EU/EEA or your local jurisdiction, we will:

• Provide prior notice via email (if you are registered);
• Make available a copy of our Data Processing Agreement (DPA) with Microsoft/Google upon request (to demonstrate compliance with cross-border rules).

10. Children’s Data Protection

Our services are not intended for individuals under 13 years of age (consistent with Microsoft’s “Privacy for Young People” and Google’s Children’s Online Privacy Protection Act (COPPA) compliance):

• We do not actively collect personal data from children under 13;
• If we inadvertently collect children’s data (e.g., via a minor’s order), we will immediately delete it and notify Microsoft/Google to stop related ad delivery;
• Parents/guardians may contact our team (email: info@astridyn.com) to inquire about or delete any children’s data.

11. Advertising Privacy & Controls

To support ad campaigns on Microsoft and Google platforms, we clarify the following ad-related privacy rules:

11.1 How We Use Data for Ads

• We use your device Advertising ID, product browsing history, and ad interaction records to deliver personalized ads on Microsoft/Google platforms (only with your consent);
• We do not use sensitive data (e.g., payment passwords, health information) for ad targeting;
• Ad performance data (e.g., conversion rates) is shared with Microsoft/Google only in anonymized form (no personal identifiers).

11.2 How to Opt Out of Personalized Ads

• Microsoft Advertising: Disable personalized ads at https://account.microsoft.com/privacy/ad-settings/;
• Google Ads: Turn off ad personalization at https://myaccount.google.com/adsettings;
• Global Opt-Out: Use the Network Advertising Initiative (NAI) tool to opt out of personalized ads from multiple platforms: https://optout.networkadvertising.org/.

12. Changes to This Privacy Policy

• We will notify you of any material changes (e.g., adjustments to data collection scope, changes to cross-border transfer rules) via:
  1. A pop-up notice on our website;
  2. An email to your registered address (if you have an account);
  3. Updates to the “Last Updated” date at the top of this page.
• Changes related to Microsoft/Google platform compliance (e.g., ad data usage rules) will take effect no earlier than 30 days after notification (to give you time to review and adjust your preferences).

13. How to Contact Us

For privacy-related inquiries, complaints, or requests (including those related to Microsoft/Google platforms):

• General Support: Phone [+64 21 02698074], Email info@astridyn.com;
• Microsoft Privacy Team: If you have concerns about how your data is used in Microsoft Advertising, contact Microsoft directly at https://privacy.microsoft.com/en-us/contactus;
• Google Privacy Team: For issues related to Google Ads data usage, visit https://policies.google.com/contact.

We will respond to all inquiries within 7 business days and resolve complaints within 15 business days (consistent with Microsoft and Google’s response standards).