Effective Date: April 17, 2026
Last Updated: April 17, 2026
Applicable Regions: European Union, United States, Japan, South Korea, and other global markets
Business Name: NIFEN
Business Address: No. 137, Dahe Village, Guanhu Street, Longhua District, Shenzhen, Guangdong Province, China (Postal code: 518110)
Contact Email: support@nifenaqua.com
Website: https://www.nifenaqua.com
NIFEN ("we", "us", or "our") operates the website located at https://www.nifenaqua.com (the "Site"). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our Site or make a purchase from us.
1. INFORMATION WE COLLECT
When you visit our Site or place an order, we may collect the following categories of personal information:
1.1 Information You Provide Directly
- Contact information: name, email address, shipping address, billing address, phone number
- Order information: products purchased, order number, order history
- Account information: username, password (if you create an account on our Site)
- Payment information: credit/debit card details, PayPal account information (processed by our third-party payment processors; we do not store full payment card details)
- Communications: any correspondence you send to us via email, contact forms, or customer support channels
1.2 Information Collected Automatically
When you browse our Site or interact with our services, we automatically collect:
- Device information: IP address, browser type and version, operating system, device identifiers
- Usage information: pages viewed, time spent on pages, links clicked, search queries, referring website addresses
- Cookies and similar technologies: please see Section 7 (Cookies) below for details
1.3 Information from Third Parties
We may receive information about you from third-party service providers, such as:
- Payment processors (e.g., Shopify Payments, PayPal, Stripe)
- Shipping carriers (e.g., DHL, FedEx, UPS, China Post)
- Analytics providers (e.g., Google Analytics)
- Marketing and advertising partners
2. HOW WE USE YOUR INFORMATION
We use your personal information for the following business and commercial purposes:
2.1 Order Processing and Fulfillment
- Process and fulfill your orders, including payment processing, order confirmation, shipping, and delivery
- Provide order updates and tracking information
- Handle returns, refunds, and exchanges
- Communicate with you regarding your orders
2.2 Customer Service
- Respond to your inquiries, requests, and complaints
- Provide technical support and troubleshooting
2.3 Site Improvement and Personalization
- Analyze how you use our Site to improve functionality, user experience, and product offerings
- Personalize your shopping experience, including product recommendations
2.4 Marketing and Promotions
- Send you marketing communications, newsletters, and promotional offers (you may opt out at any time)
- Administer promotions, surveys, or contests
2.5 Legal Compliance and Security
- Detect, prevent, and investigate fraud, security incidents, or other potentially prohibited or illegal activities
- Comply with applicable laws, regulations, legal processes, or enforceable governmental requests
- Enforce our terms and conditions and protect our rights and property
2.6 Cross-Border Data Transfer
We transfer your personal information from your home country to China (where we are located) and possibly to other countries where our service providers are based, for the purposes described above. By using our Site and providing your personal information, you acknowledge and consent to such transfers. For customers in the EU, we rely on Standard Contractual Clauses (SCCs) as the legal mechanism for cross-border data transfers, as China has not received an adequacy decision from the European Commission. For customers in other jurisdictions, we comply with applicable cross-border data transfer requirements under local laws.
Legal Basis for Processing (for EU customers): Under the GDPR, we process your personal information based on the following legal grounds:
- Contractual necessity: to fulfill your orders and provide our services
- Legitimate interests: to improve our Site, prevent fraud, and market our products
- Legal obligations: to comply with applicable laws
- Consent: for marketing communications and certain cookies (where required)
3. SHARING AND DISCLOSURE OF YOUR INFORMATION
We may share your personal information with the following categories of third parties:
3.1 Service Providers
We share your information with third-party service providers who perform services on our behalf, including:
- Payment processors (to process your payments securely)
- Shipping carriers (to deliver your orders)
- Email service providers (to send you order confirmations and marketing emails)
- Customer support platforms (to manage your inquiries)
- Analytics providers (to help us understand how you use our Site)
These service providers are contractually obligated to protect your information and may only use it for the purposes for which it was disclosed.
3.2 Legal and Regulatory Authorities
We may disclose your information if required to do so by law, regulation, legal process, or enforceable governmental request, or to protect our rights, property, or safety, or that of others.
3.3 Business Transfers
If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, or sale of all or a portion of our assets, your information may be transferred as part of that transaction.
3.4 With Your Consent
We may share your information with other third parties when you have provided your explicit consent.
We do not sell your personal information to third parties for monetary value. However, under the California Consumer Privacy Act (CCPA), certain data sharing practices (such as using cookies for cross-context behavioral advertising) may be considered a "sale" or "share" of personal information. Please see Section 12 (Your Privacy Rights) for information on how to opt out.
For customers in Japan: Under the APPI, we will obtain your prior consent before sharing your personal information with any third party outside the scope described in this policy.
4. DATA RETENTION
We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.
- Order information: retained for 7 years to comply with tax and accounting requirements (varies by jurisdiction)
- Account information: retained as long as your account remains active
- Marketing preferences: retained until you opt out or unsubscribe
- Customer service communications: retained for 2 years after resolution of the inquiry
After the retention period expires, we will delete or anonymize your personal information. If deletion is not immediately possible (e.g., due to technical constraints), we will securely isolate your information from further processing until deletion can be performed.
5. DATA SECURITY
We implement appropriate technical and organizational security measures to protect your personal information against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures include:
- SSL/TLS encryption for data transmitted between your browser and our Site
- Secure storage of personal information with access controls and authentication
- Regular security assessments and vulnerability scanning
- Restricted access to personal information on a "need-to-know" basis
- Data minimization practices
While we strive to protect your personal information, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee absolute security.
For customers in South Korea: In compliance with the PIPA, we maintain security programs that include encryption of personal information, access control measures, and regular monitoring to prevent unauthorized access or data leakage.
6. INTERNATIONAL DATA TRANSFERS
As our business is based in Shenzhen, China, your personal information will be transferred to and processed in China. Additionally, certain service providers we use (e.g., Shopify, Google Analytics) may process your data in other countries (including the United States).
6.1 For EU customers: China has not received an adequacy decision from the European Commission. For transfers of personal information from the EU to China, we rely on Standard Contractual Clauses (SCCs) adopted by the European Commission, supplemented by a Transfer Impact Assessment (TIA) to ensure an essentially equivalent level of protection.
6.2 For UK customers: We rely on the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU SCCs.
6.3 For South Korean customers: We comply with the cross-border data transfer requirements under the PIPA. We will notify you of the transfer and obtain your consent before transferring your personal information outside of South Korea, unless an exception applies.
6.4 For Japanese customers: Under the APPI, we implement appropriate safeguards for cross-border data transfers, including contractual measures to ensure the receiving party maintains an equivalent level of protection.
6.5 For Chinese customers: As a data handler based in China, we comply with the PIPL and applicable regulations regarding cross-border data transfers. If the volume of cross-border data transfers meets certain thresholds, we will complete the required security assessment, certification, or standard contract filing as required by law.
7. COOKIES AND TRACKING TECHNOLOGIES
We use cookies, web beacons, pixels, and similar tracking technologies to collect information about your browsing activities on our Site.
7.1 What Are Cookies?
Cookies are small text files placed on your device when you visit a website. They help us recognize your device, remember your preferences, and understand how you interact with our Site.
7.2 Types of Cookies We Use
| Cookie Type | Purpose | Legal Basis |
|-------------|---------|-------------|
| Essential Cookies | Necessary for Site functionality (e.g., shopping cart, checkout, security). Cannot be disabled. | Legitimate interest (GDPR Art. 6(1)(f)) |
| Functional Cookies | Remember your preferences and settings to enhance your experience. | Consent (where required) |
| Analytics Cookies | Collect anonymous information about how visitors use our Site (e.g., pages visited, time spent). We use Google Analytics. | Consent (where required) |
| Advertising Cookies | Track your browsing across websites to deliver targeted advertisements. | Consent (where required) |
7.3 Your Cookie Choices
- Cookie Banner: When you first visit our Site, you will see a cookie banner asking for your consent for non-essential cookies.
- Browser Settings: You can configure your browser to block or delete cookies. However, blocking essential cookies may prevent certain Site features from working properly.
- Google Analytics Opt-Out: You can install the Google Analytics Opt-out Browser Add-on at: https://tools.google.com/dlpage/gaoptout
For EU customers: We obtain your prior consent before placing any non-essential cookies on your device, as required by the ePrivacy Directive (Cookie Law).
For California customers: You may opt out of the "sale" or "share" of your personal information via cookies for cross-context behavioral advertising by clicking the "Your Privacy Choices" link in our Site footer, or by enabling Global Privacy Control (GPC) in your browser.
8. CHILDREN'S PRIVACY
Our Site and services are not directed to children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@nifenaqua.com, and we will delete such information promptly.
For customers in the United States: Under the Children's Online Privacy Protection Act (COPPA), we do not target children under 13. If we learn that we have collected personal information from a child under 13 without verified parental consent, we will delete it immediately.
9. THIRD-PARTY LINKS
Our Site may contain links to third-party websites, products, or services. This Privacy Policy does not apply to those third parties. We are not responsible for the privacy practices or content of such third parties. We encourage you to review the privacy policies of any third-party websites you visit.
10. YOUR PRIVACY RIGHTS
Depending on your location, you may have certain rights regarding your personal information. To exercise any of these rights, please contact us at support@nifenaqua.com. We will respond to your request within the timeframes required by applicable law (generally 30 days).
10.1 Rights for EU Customers (GDPR)
- Right to access: obtain confirmation of whether we process your personal information and, if so, access to that information
- Right to rectification: correct inaccurate or incomplete personal information
- Right to erasure ("right to be forgotten"): request deletion of your personal information under certain circumstances
- Right to restriction of processing: request limitation of how we use your information
- Right to data portability: receive your personal information in a structured, commonly used, machine-readable format and transmit it to another controller
- Right to object: object to processing based on legitimate interests or direct marketing
- Right to withdraw consent: withdraw your consent at any time (where processing is based on consent)
To exercise your rights, contact us at support@nifenaqua.com. You also have the right to lodge a complaint with your local Data Protection Authority (DPA). A list of EU DPAs is available at: https://edpb.europa.eu/about-edpb/about-edpb/members_en
10.2 Rights for California Customers (CCPA/CPRA)
If you are a California resident, you have the following rights:
- Right to know: request disclosure of the categories and specific pieces of personal information we have collected, the sources, purposes, categories of third parties, and whether we sell or share your information
- Right to delete: request deletion of your personal information (subject to exceptions)
- Right to correct: request correction of inaccurate personal information
- Right to opt out of sale/sharing: opt out of the "sale" or "sharing" of your personal information for cross-context behavioral advertising
- Right to limit use of sensitive personal information: limit our use of your sensitive personal information to only what is necessary
- Right to non-discrimination: not receive discriminatory treatment for exercising your privacy rights
To opt out of the sale or sharing of your personal information, click the "Your Privacy Choices" link in our Site footer or enable Global Privacy Control (GPC) in your browser. We process GPC signals as a valid opt-out request.
For California customers, we do not use Automated Decision-Making Technology (ADMT) that produces legal or similarly significant effects, as defined under the CPRA.
10.3 Rights for Japanese Customers (APPI)
Under Japan's Act on the Protection of Personal Information (APPI), you have the right to:
- Be notified of the purpose of use of your personal information
- Request disclosure of your personal information
- Request correction, addition, or deletion of your personal information
- Request suspension of use or erasure of your personal information
- Request disclosure of records of provision to third parties
10.4 Rights for South Korean Customers (PIPA)
Under South Korea's Personal Information Protection Act (PIPA), you have the right to:
- Request access to your personal information
- Request correction or deletion of your personal information
- Request suspension of processing of your personal information
For South Korean customers: As an overseas business, we comply with PIPA requirements. For any inquiries regarding your personal information, please contact us at support@nifenaqua.com.
10.5 Rights for Chinese Customers (PIPL)
Under China's Personal Information Protection Law (PIPL), you have the right to:
- Know and decide on the processing of your personal information
- Request access to and a copy of your personal information
- Request correction or completion of your personal information
- Request deletion of your personal information under certain circumstances
- Request explanation of our data processing rules
- Withdraw your consent at any time
For Chinese customers, if you believe your personal information rights have been violated, you may file a complaint with the Cyberspace Administration of China (CAC) or relevant authorities.
10.6 Rights for Customers in Other Jurisdictions
If you reside in a jurisdiction with privacy laws not specifically listed above, you may have similar rights. Please contact us to inquire about the rights applicable to you.
11. DO NOT TRACK
Some browsers include a "Do Not Track" (DNT) feature. Our Site does not currently respond to DNT signals because no uniform standard for DNT has been established. However, we do process Global Privacy Control (GPC) signals as a valid opt-out request under the CCPA.
12. VERIFICATION OF REQUESTS
To protect your privacy and security, we may require you to verify your identity before processing certain requests. Verification methods may include:
- Providing information matching the data we have on file
- Confirming your email address or order details
- For requests regarding sensitive information, additional verification may be required
We will not charge a fee to exercise your rights unless your request is excessive, repetitive, or manifestly unfounded.
13. CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. When we make material changes, we will notify you by:
- Posting the updated policy on this page with a new "Last Updated" date
- Sending an email notification to the address associated with your account (if applicable)
- Displaying a notice on our Site
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
14. INTERNATIONAL COMPLIANCE OVERVIEW
We are committed to complying with applicable privacy laws in the regions we serve. Below is a summary of how we address key legal requirements:
| Region | Key Law | Our Compliance Measures |
|--------|---------|------------------------|
| European Union | GDPR (EU) 2016/679 | 30-day return window (exceeds 14-day requirement); SCCs + TIA for cross-border data transfers; cookie consent banner; DSAR response within 30 days |
| United States (California) | CCPA/CPRA (effective Jan 1, 2026) | "Your Privacy Choices" link; GPC signal processing; expanded privacy policy disclosures (data categories, retention periods, third parties) |
| Japan | APPI (Act on the Protection of Personal Information) | Japanese-language version available upon request; explicit purpose disclosure; third-party sharing consent; cross-border transfer safeguards |
| South Korea | PIPA (Personal Information Protection Act) | Transparent privacy policy; data minimization; security program compliance; cross-border transfer notifications and consent |
| China | PIPL (Personal Information Protection Law) | Legal basis for processing; data retention and deletion mechanisms; cross-border data transfer compliance (SCCs, certification, or security assessment as applicable) |
15. CONTACT US
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
NIFEN
No. 137, Dahe Village, Guanhu Street, Longhua District
Shenzhen, Guangdong Province
China
Postal code: 518110
Email: support@nifenaqua.com
Website: https://www.nifenaqua.com
For EU customers: If you are unsatisfied with our response to your privacy concern, you have the right to lodge a complaint with your local Data Protection Authority.
For South Korean customers: For inquiries regarding personal information protection, you may also contact the Personal Information Protection Commission (PIPC) at: https://www.pipc.go.kr
ローディング
