Home Services Reviews Contact Login Register Cart

Privacy Policy

Last updated: March 19, 2026

Thanks for visiting zarkarseo.com. This policy explains what information we collect, how we use it and why we need the information to help serve you better. It also explains the specific ways we use and disclose that information. We take your privacy extremely seriously, and we never sell lists, email addresses, or share your personal information with any 3rd party.

Owner and Data Controller

XINHANG TRADING LIMITED
Room D5, 5th Floor, No. 59, Jingye Street, Kwun Tong, Jiulong, HongKong
+852 59354978
Owner contact email: [email protected]

Types of Data Collected

Among the types of Personal Data that zarkarseo.com collects, by itself or through third parties, there are: Cookies, Usage Data, email address, first name, last name and website.

Complete details on each type of Personal Data collected are provided in the dedicated sections of this privacy policy or by specific explanation texts displayed prior to the Data collection.

Personal Data may be freely provided by the User, or, in case of Usage Data, collected automatically when using zarkarseo.com.

Unless specified otherwise, all Data requested by zarkarseo.com is mandatory and failure to provide this Data may make it impossible for zarkarseo.com to provide its services. In cases where zarkarseo.com specifically states that some Data is not mandatory, Users are free not to communicate this Data without consequences to the availability or the functioning of the Service.

Users who are uncertain about which Personal Data is mandatory are welcome to contact the Owner.

Any use of Cookies or of other tracking tools by zarkarseo.com or by the owners of third-party services used by zarkarseo.com serves the purpose of providing the Service required by the User, in addition to any other purposes described in the present document.

Users are responsible for any third-party Personal Data obtained, published or shared through zarkarseo.com and confirm that they have the third party's consent to provide the Data to the Owner.

Methods of Processing

The Owner takes appropriate security measures to prevent unauthorised access, disclosure, modification, or unauthorised destruction of the Data.

The Data processing is carried out using computers and/or IT enabled tools, following organisational procedures and modes strictly related to the purposes indicated. In addition to the Owner, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of zarkarseo.com (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner.

Legal Basis of Processing

The Owner may process Personal Data relating to Users if one of the following applies:

  • Users have given their consent for one or more specific purposes.
  • Provision of Data is necessary for the performance of an agreement with the User and/or for any pre-contractual obligations thereof.
  • Processing is necessary for compliance with a legal obligation to which the Owner is subject.
  • Processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Owner.
  • Processing is necessary for the purposes of the legitimate interests pursued by the Owner or by a third party.

In any case, the Owner will gladly help to clarify the specific legal basis that applies to the processing.

Place of Processing

The Data is processed at the Owner's operating offices and in any other places where the parties involved in the processing are located. Depending on the User's location, data transfers may involve transferring the User's Data to a country other than their own.

Retention Time

Personal Data shall be processed and stored for as long as required by the purpose they have been collected for. Therefore:

  • Personal Data collected for purposes related to the performance of a contract between the Owner and the User shall be retained until such contract has been fully performed.
  • Personal Data collected for the purposes of the Owner's legitimate interests shall be retained as long as needed to fulfil such purposes.

The Owner may be allowed to retain Personal Data for a longer period whenever the User has given consent to such processing, as long as such consent is not withdrawn. Furthermore, the Owner may be obliged to retain Personal Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.

Once the retention period expires, Personal Data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.

The Purposes of Processing

The Data concerning the User is collected to allow the Owner to provide its Services, as well as for the following purposes: Analytics, Managing contacts and sending messages, Handling payments, Contacting the User, Managing support and contact requests, and Hosting and backend infrastructure.

Handling Payments

Payment processing services enable zarkarseo.com to process payments by credit card, debit card, or other means. To ensure greater security, zarkarseo.com shares only the information necessary to execute the transaction with the financial intermediaries handling the transaction.

Stripe (Stripe, Inc.) - Stripe is a payment processing service provided by Stripe, Inc. Stripe processes credit and debit card payments on behalf of zarkarseo.com. When you make a purchase, your payment card information is transmitted directly to Stripe's secure, PCI DSS Level 1-compliant servers. zarkarseo.com does not store, process, or have access to your full credit card number.

Personal Data collected: payment details (card number, expiration date, CVC), email address, billing address, and transaction details.

Place of processing: United States - Privacy Policy.

PCI DSS Compliance

zarkarseo.com is committed to the security of your payment information. We use Stripe as our payment processor, which is certified as a PCI DSS Level 1 Service Provider - the highest level of certification available in the payments industry. Your payment card data is transmitted directly to Stripe using industry-standard TLS encryption and is never stored on our servers.

The Rights of Users

Users may exercise certain rights regarding their Data processed by the Owner. In particular, Users have the right to:

  • Withdraw their consent at any time where they have previously given consent to the processing of their Personal Data.
  • Object to processing of their Data if the processing is carried out on a legal basis other than consent.
  • Access their Data and learn if Data is being processed by the Owner, obtain disclosure regarding certain aspects of the processing and obtain a copy of the Data undergoing processing.
  • Verify and seek rectification. Users have the right to verify the accuracy of their Data and ask for it to be updated or corrected.
  • Restrict the processing of their Data in certain circumstances.
  • Have their Personal Data deleted or otherwise removed when the Data is no longer necessary for the purpose it was collected for.

Confidentiality of Client Information

All client work product, project details, website URLs, campaign data, and contact information provided to us in connection with our services are treated as strictly confidential. We do not disclose, share, or make available any client-identifiable information to third parties except as required to deliver our services or as mandated by applicable law.

Disclosure in Connection with Third-Party Compliance Reviews

From time to time, our payment processors may request documentation to verify the legitimacy of our business operations. In the event of such a compliance review or audit, we are committed to protecting our clients' privacy as follows:

  • Redacted Records Only. Any transaction records, order histories, or customer data shared with payment processors, financial institutions, or regulatory bodies will be redacted to remove personally identifiable information. Customer names, email addresses, website URLs, and other identifying details will be partially obscured before disclosure.
  • Aggregated Metrics. Where possible, we will provide aggregated and anonymized business metrics (total orders, revenue summaries, customer counts) rather than individual transaction details.
  • No Full Disclosure Without Consent. We will not provide unredacted client information to any third party, including but not limited to payment processors, financial institutions, or regulatory bodies, without the express written consent of the affected client, unless compelled by a valid legal order or regulatory requirement.
  • Minimum Necessary Disclosure. In all cases, we adhere to the principle of minimum necessary disclosure — sharing only the information strictly required to satisfy the compliance request and nothing more.
  • Data Protection Compliance. All disclosures are made in accordance with applicable data protection regulations, including the General Data Protection Regulation (EU) 2016/679 where applicable, and the Personal Data (Privacy) Ordinance (Cap. 486) of Hong Kong.

If you have questions or concerns about how your information may be used in a compliance review, please contact us at [email protected].

Contact Information

For any questions about this Privacy Policy, please contact us at:

XINHANG TRADING LIMITED
Room D5, 5th Floor, No. 59, Jingye Street, Kwun Tong, Jiulong, HongKong
Email: [email protected]
Phone: +852 59354978