Top
Global Sources | GS

Data & Privacy Protection Policy

Last Updated and Effective Date: May 11, 2025

This platform attaches great importance to the data security and privacy rights of our global users. In cross-border bulk B2B trade, data includes not only basic personal contact information but also core business secrets, supply chain networks, proprietary design drawings, and strategic procurement price benchmarks. We are committed to strictly complying with the EU General Data Protection Regulation (GDPR), various state privacy acts in the US, and major global cybersecurity and data compliance regulations, building an impregnable digital security line of defense for you.

This policy transparently discloses how we collect, store, use, and share your personal and enterprise information. By registering, logging in, and using the various cross-border procurement services on this platform, you are deemed to have fully trusted and agreed to this Privacy Policy. We will perform our duties diligently, employing industry-leading digital encryption and isolation technologies to safeguard the security of your digital assets.

1. Types of Information Collected & Application Scenarios

To maintain the smooth flow of the global B2B supply chain, complete necessary cross-border anti-money laundering compliance checks, and provide precise commodity matching, the platform collects data across the following dimensions with your informed consent and authorization:

  • Corporate & Personal Identity Information: When you register an account or submit an enterprise admission application, we collect your name, legal registered enterprise name, business registration number/business license scan, office address, official company email, and instant messaging contact details.
  • Business Transaction & Inquiry Core Data: To facilitate the conclusion of contracts between buyers and sellers, the system records inquiries released in the dashboard, signed Proforma Invoices (PI), bulk procurement contracts, business negotiation correspondence, and technical specifications/drawing assets uploaded for OEM/ODM customization.
  • Cross-border Payment & Financial Compliance Data: When you initiate a T/T slip upload or bind an international credit card for escrow payment settlement, the system collects necessary bank account information, SWIFT/IBAN codes, and KYC qualification proof required for international Anti-Money Laundering (AML) and anti-fraud reviews.
  • Technical & Behavioral Data: To prevent hacking, phishing, and malicious bot activities, the system automatically records your IP address during access, global geographic location, device operating system features, browser Cookies data, and your product browsing/clicking trails on the platform.

2. Commitment to Non-Disclosure of Core Business Secrets

We understand that in international bulk customized trade, product structural drawings and design schemes are the foundation of a buyer's business. To this end, the platform has established a stringent enterprise anti-leakage control system:

  1. Isolated Storage of Customized Assets: Exclusive OEM/ODM design drafts, 3D mold data, and proprietary technical parameters uploaded by buyers enter a secure, encrypted, and isolated cloud storage space. Except for the core designated technical personnel of the seller associated with the order and members of the platform's compliance quality inspection team, no unrelated third parties (including platform employees in non-related departments) have the authority to read or download them.
  2. Procurement Price & Supply Chain Link Protection: Buyer's inquiry comparison records, procurement frequency, actual international shipping destinations, and real arrival information are classified as absolute business privacy. The platform firmly prohibits reselling such procurement heat maps and behavioral data to competitors or external advertising aggregators for profit.
  3. Digital Tracking Anti-Copy Mechanism: Within the platform's instant messaging tools and drawing preview interface, anti-screenshot and high-intensity digital watermark tracking technologies are embedded. Once any seller or personnel is found to have privately copied or leaked a buyer's proprietary secrets, the platform will immediately execute a ban and assist the buyer in protecting their rights across borders.

Compliance Protection Statement: All data on this platform is hosted on infrastructure provided by top-tier cloud service providers with international highest-standard security certifications (such as ISO 27001, SOC 2). We engage external independent international cybersecurity experts annually to conduct high-intensity penetration testing and data leakage compliance audits to ensure the platform's security is foolproof.

3. Data Retention Period & Storage Geography

We retain data within reasonable legal limits to safeguard the completeness of the cross-border trade evidence chain while upholding the user's "Right to be Forgotten":

  • Statutory Retention Principle: Given the basic requirements of international trade and cross-border fiscal/tax codes (e.g., customs traceability, statute of limitations for cross-border contract disputes), identity, contract, and core financial account records related to successfully signed orders and completed settlements will be safely retained by the platform for 7 years in accordance with the law, to cope with potential cross-border anti-money laundering or judicial reviews.
  • Cleanup of Flow Traces: For technical trails and temporary cache data of non-active users who only browse for comparison and have not generated actual inquiries or transactions, the system will adopt regular (usually within 12 months) automated deletion or complete de-identification/anonymization processing.
  • Account Cancellation & Complete Destruction: Users have the right to apply for account cancellation at any time. After you have cleared all pending dispute orders, passed compliance reviews, and canceled your account, except for the traceability vouchers legally required to be retained, the platform will execute irreversible algorithmic shredding and logical destruction of your personal privacy and corporate contact information.

4. Third-Party Service Providers & Cross-Border Data Transfer Matrix

The platform will never sell your privacy to external third parties arbitrarily. Data sharing required for contract performance follows the principle of minimal disclosure:

Third-Party Provider Type Shared Data Scope Sole Legitimate Purpose Security Level
International Financial & Escrow Banks
(e.g., Clearing banks, Acquirers)		 Payment enterprise headers, partial bank card numbers, wire transfer vouchers Verify receipt of bulk deposits/balances, intercept money laundering risks Compliant with PCI-DSS highest financial-grade encryption standards
Professional Logistics & Shipping
(e.g., DHL, Major shipping lines)		 Consignee name, destination enterprise address, customs declaration contact phone Print bill of lading, arrange space, customs declaration, and destination delivery Signed strict data-only-for-use agreements
International Inspection Agencies
(e.g., SGS, TUV)		 Customized technical drawings, sample inspection requirements Assist in arbitration inspections when buyers encounter major quality disputes Independent third-party lab proprietary secure hosting

5. Exclusive Rights for Buyers in EU/US Regions (GDPR / CCPA)

If you are a purchaser from jurisdictions with high-privacy protection legislation such as the EU, UK, Canada, or California (CCPA), you enjoy the following fully autonomous statutory data rights on this platform:

  • Right to Access & Portability: You have the right to apply to the platform at any time for a complete copy of your personal and enterprise data generated by the system, so you understand what information we have recorded or to transfer it smoothly to other supply chain systems.
  • Right to Object: You can refuse the system to push customized product procurement recommendation ads based on big data profiling, or completely turn off targeted Cookie tracking technology through your browser or user settings center at any time.
  • Right to Erasure (Right to be Forgotten): Without violating the underlying laws of customs and fiscal anti-money laundering, when you believe that the platform holding your data is no longer necessary, you have the right to request us to forcibly erase all relevant historical trails.

6. Incident Response & Emergency Fuse Mechanism

In an open cross-border network environment, "Man-in-the-Middle" phishing targeting enterprise commercial emails and fake collection account fraud are emerging endlessly. We have established a 24/7 data fuse defense system:

Once the platform's risk control center intercepts attempts within milliseconds by unknown, non-trusted regions IP addresses to forcibly brute-force login to your transaction dashboard, or abnormal downloads of bulk product drawings within a short time, or frequent changes to settlement account information, the system will instantly trigger an [Emergency Fuse Mechanism], temporarily forcibly locking the account and suspending all in-transit transactions. At this time, the system will forcibly require the user to perform Multi-Factor Authentication (MFA/2FA).

7. Data Controller Rights & Privacy Compliance Consultation

The platform has a dedicated independent "Data Protection Officer (DPO)" seat. If you have concerns about any clause details in this privacy protection policy, or believe your enterprise core drawing assets have been accessed non-compliantly, or if you need to exercise the statutory right to withdraw consent granted to you by GDPR:

We warmly welcome and strongly recommend that you do not go through long and costly complaints via external third-party agencies. You can click the [Contact Customer Service] button at the top or bottom of the webpage and explain your specific privacy protection demands to our professional customer service team. After verifying your enterprise and buyer identity, our legal and information security compliance team will do their utmost to provide you with a detailed response, correction, or corresponding digital erasure processing at the first opportunity during business hours.

About Global Sources

Refund & After‑Sales

Transaction Security Guarantee

Data & Privacy Protection
Global Sources | GS
By using this website, you agree to our Terms of Service and Privacy Policy. We are committed to providing compliant and efficient cross-border trade infrastructure and technical services for global merchants.

Global Resources

  • Address: 30/F, 41 Heung Yip Road, Wong Chuk Hang, Hong Kong Special Administrative Region
  • Phone: (852) 8121 2000 (86) 755 8282 7391
  • Email: giampieroderbyshire@gmail.com

Services & Compliance

My Account

Home
Categories
Cart (0)
Notifications
Account