Privacy Policy – Garmentown | China T-shirts, Polo Shirts, Hoodies, Sweatpants, Aprons & Hairdressing Capes Wholesale Manufacturer

1

Who We Are

Garmentown is a professional garment manufacturer established in 2011, headquartered in China. We provide OEM/ODM manufacturing services for international brands, wholesalers, importers, and enterprise buyers worldwide, with primary markets in North America and Europe.

For the purposes of this Privacy Policy, "Garmentown," "we," "us," or "our" refers to the Garmentown company and its authorized representatives. "You" refers to any individual or business entity that interacts with our website, submits an inquiry, or enters into a business relationship with us.

This policy applies to all personal and business data processed in connection with our B2B services, including procurement inquiries, order management, and ongoing supplier-client communications.

2

Data We Collect

We collect information necessary to fulfill our manufacturing and procurement services. This falls into the following categories:

Contact & Identity Information

• Full name and job title
• Work email address
• Business phone number
• Company name and address

Procurement & Order Data

• Tech packs and design specifications
• Order quantities and product requirements
• Delivery and shipping addresses
• Purchase order and invoice records

Communication Data

• Email and messaging correspondence
• Inquiry form submissions
• Meeting notes and call records
• Sample feedback and quality reports

Website & Technical Data

• IP address and browser type
• Pages visited and time on site
• Referral source and device information
• Cookie identifiers (see Section 5)

B2B Context Note: We primarily process business contact information of procurement managers, brand managers, and project managers acting in their professional capacity. We do not intentionally collect personal data unrelated to a business purpose, nor do we collect data from individuals under 18 years of age.

3

How We Use Your Data

We use the information we collect for the following purposes:

Responding to inquiries and quotations: Processing your requests for product samples, pricing, lead times, and manufacturing capabilities.
Order fulfillment and project management: Managing production schedules, quality control processes, and delivery coordination based on your specifications.
Contractual obligations: Issuing invoices, managing payments, and maintaining records required for compliance with international trade regulations.
Quality assurance and after-sales support: Handling quality issues, replacement requests, and compliance documentation (e.g., BSCI audit records).
Business communications and updates: Sending relevant product updates, capacity announcements, or industry information where you have provided consent or where we have a legitimate business interest.
Website improvement: Analyzing site usage patterns to improve our online presence, content relevance, and user experience for procurement professionals.
Legal and regulatory compliance: Meeting obligations under applicable Chinese law, international trade regulations, and export/import compliance requirements.

4

Legal Basis for Processing

For customers located in the European Economic Area (EEA), United Kingdom, or other jurisdictions with similar data protection frameworks, we process your data on the following legal bases:

Contract

Processing necessary to perform a contract with you or to take steps at your request prior to entering a contract -- including order processing, production management, and delivery coordination.

Legitimate Interests

Processing for our legitimate business interests, including B2B marketing communications, website analytics, and improving our services -- provided these interests are not overridden by your rights.

Legal Obligation

Processing necessary to comply with applicable laws, including accounting, tax, customs, and trade compliance obligations under Chinese and international regulations.

Consent

Where you have explicitly consented to receive marketing materials or for specific uses of your data such as newsletter subscriptions. You may withdraw consent at any time.

5

Cookies & Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience and gather analytical data. As a B2B platform, our use of cookies is focused on site functionality and performance rather than consumer advertising.

Cookie Type	Purpose	Required
Essential	Session management, security tokens, form submissions, and basic site functionality.	Always Active
Analytics	Understanding how visitors navigate our site (e.g., Google Analytics). Data is aggregated and anonymized where possible.	Optional
Functional	Remembering your preferences, language settings, and previously submitted inquiry details.	Optional
Marketing	Tracking effectiveness of B2B outreach and LinkedIn/Google Ads campaigns targeted at procurement professionals.	Optional

You can manage or disable non-essential cookies through your browser settings at any time. Note that disabling certain cookies may affect website functionality. For EEA/UK visitors, we display a cookie consent banner upon your first visit.

6

Third-Party Sharing

We do not sell, rent, or trade your personal or business information to third parties for their own marketing purposes. We may share your data in the following limited circumstances:

Service Providers & Subprocessors

We engage trusted third-party service providers to operate our business, including logistics and freight partners (for shipment tracking), payment processors, email communication platforms, and CRM software providers. These parties process your data only on our behalf and under strict confidentiality agreements.

Supply Chain Partners

In fulfilling your orders, we may share relevant specifications and delivery information with fabric suppliers, testing laboratories, and inspection agencies. Any proprietary design data (tech packs, brand assets) shared with us is treated with strict confidentiality and is not disclosed beyond what is necessary for production.

Legal & Regulatory Authorities

We may disclose information to government authorities, customs agencies, or legal bodies when required by applicable law, court order, or regulatory requirement -- including export/import compliance obligations.

Business Transfers

In the event of a merger, acquisition, or sale of business assets, your data may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your information.

7

International Data Transfers

As a China-based manufacturer serving global clients, your data may be transferred to and stored on servers located in mainland China or other countries where our service providers operate. These countries may have data protection laws that differ from those in your jurisdiction.

Where we transfer personal data from the EEA or UK to countries not deemed to provide an adequate level of protection, we implement appropriate safeguards, which may include:

• Standard Contractual Clauses (SCCs) approved by the European Commission or UK equivalent
• Binding corporate rules or other legally recognized transfer mechanisms
• Your explicit consent where applicable and appropriate

For more information about the safeguards applied to your international data transfers, please contact us using the details in Section 12.

8

Data Retention

We retain your data for as long as necessary to fulfill the purposes outlined in this policy and to comply with our legal obligations. Our standard retention periods are:

Active Business Relationships

Data is retained for the duration of our business relationship plus a reasonable period thereafter for warranty, quality claims, and relationship management.

Financial & Order Records

Invoices, purchase orders, and related financial documents are retained for a minimum of 7 years to comply with accounting and tax regulations.

Inquiry & Prospective Customer Data

Data from inquiries that did not result in a contract is retained for up to 2 years for follow-up purposes, after which it is securely deleted unless you have consented to longer retention.

Website Analytics Data

Aggregated analytics data is typically retained for 26 months, consistent with standard analytics platform settings.

9

Data Security

We take the security of your business information seriously. As an ISO 9001-certified manufacturer, our commitment to quality extends to how we manage and protect data. The technical and organizational measures we employ include:

SSL/TLS encryption for all data transmitted through our website

Access controls limiting data access to authorized personnel only

Secure storage of confidential design files and tech packs

Employee training on data protection and confidentiality obligations

While we implement robust security measures, no method of transmission over the internet is 100% secure. We encourage you to use secure, encrypted communication channels when sharing sensitive business information with us.

Data Breach Notification: In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and relevant supervisory authorities within the timeframes required by applicable law.

10

Your Rights

Depending on your location and applicable data protection law (including GDPR, UK GDPR, CCPA, or equivalent), you may have the following rights regarding your personal data:

Right of Access

Request a copy of the personal data we hold about you and your business contacts.

Right to Rectification

Request correction of inaccurate or incomplete personal data we hold about you.

Right to Erasure

Request deletion of your personal data where there is no compelling reason for its continued processing, subject to legal retention obligations.

Right to Restriction

Request that we restrict the processing of your personal data in certain circumstances.

Right to Data Portability

Receive your data in a structured, commonly used, machine-readable format where technically feasible.

Right to Object

Object to processing based on legitimate interests, including direct B2B marketing communications.

Right to Withdraw Consent

Withdraw consent at any time where processing is based on your consent, without affecting the lawfulness of prior processing.

Right to Lodge a Complaint

File a complaint with your local data protection supervisory authority if you believe we have not handled your data appropriately.

How to exercise your rights: To submit a data rights request, please email us at [email protected]. We will respond within 30 days of receiving your request. We may need to verify your identity before processing your request.

11

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other operational factors. When we make material changes, we will:

• Update the "Last updated" date at the top of this page
• Notify active clients via email where the changes materially affect how we process their data
• Post a prominent notice on our website for a reasonable period

We encourage you to review this policy periodically. Your continued use of our services after any changes become effective constitutes your acknowledgment of the updated policy.

12

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please contact our designated privacy contact:

Company

Garmentown

China-based Garment Manufacturer

Established 2011

Privacy Inquiries

[email protected]

We respond within 5 business days

General Business Inquiries

[email protected]

For procurement and order inquiries

Response Commitment

All data rights requests acknowledged within 5 business days and resolved within 30 calendar days.