OHAYOO LTD ("we," "us," "our," or "Company") is committed to protecting your privacy and ensuring you have a positive experience on our website (ohayoo.com) and when using our services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and utilize our web design, SEO, and digital services.

Data Controller:
OHAYOO LTD
Room 2302, 23/F, Lee Garden Two
28 Yun Ping Road, Causeway Bay
Hong Kong
Email: contact@ohayoo.com
Website: https://www.ohayoo.com

Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our website or services.

A. Information You Provide Directly:

• Contact Information: Name, email address, phone number, company name, job title, and mailing address when you submit contact forms, request quotes, or communicate with us
• Service Inquiry Information: Details about your website design, SEO, or digital marketing needs
• Payment Information: Credit card details and billing address processed securely through 2Checkout payment processor
• Newsletter Subscriptions: Email address when you subscribe to our mailing list via Mailchimp
• Support Communications: Messages, attachments, and support tickets submitted through Zendesk support system

B. Information Collected Automatically:

• Cookies and Tracking Technologies: We use cookies to recognize your device, remember your preferences, and improve site functionality. This includes session cookies and persistent cookies
• Google Tag Manager and Analytics: We use Google Tag Manager (GTM-P6F2WP) to manage tracking and Google Analytics to collect data about your browsing behavior, including pages visited, time spent, device type, browser type, IP address, and referring URL
• Google Maps: Location data when you view our office location on Google Maps integration
• Log Data: Server logs automatically record information such as access times, pages viewed, and referring website addresses
• Device Information: Browser type, operating system, mobile device identifiers, and unique device IDs

C. Information from Third Parties:

• Information from service providers (payment processors, analytics platforms, email service providers)
• Publicly available information used to enhance service offerings

We use the information we collect for the following purposes:

• To provide and improve our web design, SEO, and digital services
• To respond to your inquiries, requests, and support needs
• To process payments and send transaction-related communications
• To send you newsletters, marketing communications, and promotional offers (with your consent)
• To personalize your experience and improve our website functionality
• To analyze website usage patterns and user behavior through Google Analytics
• To detect, prevent, and address fraud, security issues, and technical problems
• To comply with legal obligations and enforce our Terms and Conditions
• To conduct customer research and improve our service offerings
• To monitor the effectiveness of our marketing campaigns

We do not sell your personal information to third parties. However, we share information with trusted service providers who assist us in operating our website and conducting our business:

• Google Analytics: Tracks website usage and user behavior for performance analysis. Google maintains its own privacy policy
• Google Tag Manager: Manages tracking codes and analytics implementation
• Mailchimp: Manages our email newsletter subscriptions and marketing communications
• 2Checkout: Processes payment transactions securely. No full credit card details are stored on our servers
• Zendesk: Provides customer support ticketing and communication management
• Google Maps: Displays our office location on the website

All service providers are contractually obligated to use your information only for the purposes necessary to provide services to us and to maintain the confidentiality and security of your data.

What Are Cookies? Cookies are small text files placed on your device when you visit our website. They help us recognize your browser, maintain your session, and improve your user experience.

Types of Cookies We Use:

• Essential Cookies: Required for website functionality (e.g., shopping cart, form submission, security)
• Performance Cookies: Collect data about how you use our website to improve performance and functionality
• Marketing Cookies: Track your interactions for targeted advertising and remarketing purposes
• Analytics Cookies: Help us understand visitor behavior through Google Analytics

Cookie Management: You can control cookies through your browser settings. Most browsers allow you to refuse cookies or alert you when cookies are being sent. However, disabling cookies may affect website functionality. Some features may not work properly without essential cookies.

Third-Party Cookies: We allow third-party analytics and advertising partners to place cookies on your device for tracking purposes.

We retain your personal information for as long as necessary to provide our services and fulfill the purposes outlined in this policy. Retention periods vary based on the type of information:

• Contact/Inquiry Information: Retained for up to 3 years after last contact or service completion
• Payment Information: Retained for 7 years to comply with accounting and tax regulations
• Newsletter Subscribers: Retained until you unsubscribe
• Analytics Data: Typically retained for 26 months
• Support Tickets: Retained for up to 5 years

When information is no longer needed, it is securely deleted or anonymized. You may request deletion of your data subject to legal obligations.

If you are located in the European Union or European Economic Area, you have the following rights under the General Data Protection Regulation (GDPR):

• Right of Access: You can request access to the personal information we hold about you
• Right to Rectification: You can request correction of inaccurate or incomplete information
• Right to Erasure (Right to be Forgotten): You can request deletion of your personal information, subject to certain legal exceptions
• Right to Restrict Processing: You can request that we limit how we use your information
• Right to Data Portability: You can request a copy of your data in a machine-readable format
• Right to Object: You can object to processing of your data for marketing and profiling purposes
• Right to Withdraw Consent: You can withdraw consent for data processing at any time
• Right to Lodge a Complaint: You have the right to file a complaint with your local data protection authority

To exercise any of these rights, contact us at contact@ohayoo.com with "Privacy Request" in the subject line. We will respond within 30 days.

If you are a California resident, the California Consumer Privacy Act (CCPA) grants you the following rights:

• Right to Know: You can request what personal information we have collected, the purposes of collection, and categories of third parties with whom it is shared
• Right to Delete: You can request deletion of personal information collected from you, subject to certain exceptions
• Right to Opt-Out of Sale: You can direct us not to sell or share your personal information for cross-context behavioral advertising
• Right to Correct: You can request correction of inaccurate personal information
• Right to Limit Use: You can limit our use of sensitive personal information
• Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights

How to Submit a Request: Send your request to contact@ohayoo.com with "CCPA Request" in the subject line and provide sufficient information to identify you. We will verify your identity before processing your request and respond within 45 days.

Authorized Agent: You may designate an authorized agent to submit requests on your behalf with proper documentation.

We implement comprehensive security measures to protect your personal information:

• SSL/TLS Encryption: All data transmitted between your browser and our servers is encrypted using industry-standard SSL/TLS protocols (indicated by "https://" in the URL)
• Secure Payment Processing: Payment information is processed through 2Checkout with PCI DSS compliance; we do not store complete credit card details
• Access Controls: Only authorized employees with legitimate business needs can access personal information
• Data Minimization: We collect only the information necessary for our business purposes
• Regular Security Audits: We conduct regular security assessments and updates
• Incident Response: We maintain procedures to detect and respond to security breaches

While we use industry-standard security measures, no system is completely secure. We cannot guarantee absolute security of your information. If you believe there has been a security breach, please contact us immediately at contact@ohayoo.com.

Your information may be transferred to, stored in, and processed in countries other than your country of residence, including the United States. These countries may have data protection laws that differ from your home country.

By providing your information to us, you consent to:

• The transfer of your information to countries outside your country of residence
• Processing of your information in accordance with this Privacy Policy
• Storage and processing outside the European Economic Area where applicable

We implement appropriate safeguards including Standard Contractual Clauses and Data Processing Agreements to protect your information during international transfers.

Our website and services are not directed to individuals under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that a child under 16 has provided us with personal information, we will delete such information and terminate the child's account.

If you believe a child has provided us with personal information, please contact us immediately at contact@ohayoo.com.

For users under 18, parental consent may be required in certain jurisdictions.

Email Communications: We send transactional emails (service confirmations, payment receipts) that you cannot opt out of while using our services. However, you can manage marketing communications:

• Click "Unsubscribe" at the bottom of any marketing email
• Log into your account and update notification preferences
• Contact us at contact@ohayoo.com to manage preferences

Newsletter Opt-Out: You can unsubscribe from our newsletter at any time by clicking the unsubscribe link in any email or contacting us directly.

SMS/Phone Communications: If you provide a phone number and opt in to SMS communications, you can opt out by replying STOP or contacting us.

Our website may contain links to third-party websites, social media platforms, and external services. This Privacy Policy applies only to ohayoo.com. We are not responsible for the privacy practices of third-party websites.

When you click on links to external websites or use third-party services, please review their privacy policies. We recommend reading privacy notices before providing information to any third party.

Social Media: If you interact with us on social media platforms (Twitter, Facebook), those platforms' privacy policies apply in addition to ours.

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by:

• Posting the updated policy on our website with a "Last Updated" date
• Sending an email notification to registered users
• Obtaining explicit consent where required by law

Your continued use of our website after changes are posted constitutes your acceptance of the updated Privacy Policy. We encourage you to review this policy regularly for updates.

If you use our services in a professional capacity or are a business customer, we can provide a Data Processing Agreement (DPA) that outlines our obligations as a Data Processor.

Businesses in the EU requiring GDPR-compliant Data Processing Agreements should contact us at contact@ohayoo.com to request a DPA.

If you have questions about this Privacy Policy, wish to exercise your privacy rights, or have privacy concerns, please contact us:

Data Controller & Privacy Contact:
OHAYOO LTD
Room 2302, 23/F, Lee Garden Two
28 Yun Ping Road, Causeway Bay
Hong Kong

Email: contact@ohayoo.com

Website: https://www.ohayoo.com

We will respond to privacy inquiries within 30 days. If your request involves a complex issue or requires investigation, we may need additional time (up to 90 days total).

Data Protection Authority Complaints: If you believe we have violated your privacy rights and are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.

This Privacy Policy is a template for informational purposes. Consult with a qualified attorney for legal advice specific to your situation and jurisdiction.

This Privacy Policy is governed by the laws of Hong Kong SAR. Any disputes shall be resolved in accordance with our Terms and Conditions.