top of page
Privacy Policy

Last Updated: June 12, 2025

BY J.WU LLC ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy describes how we collect, use, store, share, and protect your personal data when you visit or shop on www.byjwu.com (our "Site"), sign up for our newsletter, or otherwise interact with our business. It also explains your rights regarding your personal data under applicable data protection laws, including the General Data Protection Regulation (GDPR) for individuals in the European Economic Area (EEA) and the United Kingdom (UK), and the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) for California residents.

By using our Site or services, you agree to the collection and use of information in accordance with this policy.

1. Data Controller

BY J.WU LLC, located in New York, NY, is the data controller responsible for the processing of your personal data collected via the Site.

2. Information We Collect and Legal Basis for Processing

We collect various types of information to operate our business, fulfill your orders, communicate with you, improve our Site, and conduct responsible marketing. We only process your personal data where we have a valid legal basis to do so, as required by GDPR.

2.1 Personal Information (Information You Provide)

We collect personal information directly from you when you:

  • Place an order

  • Create an account

  • Sign up for our newsletter or marketing communications

  • Submit a contact form or send us an email

  • Participate in surveys, promotions, or contests

Examples of personal data collected:

  • Contact Information: Full name, email address, shipping address, billing address, phone number.

  • Account Information: Username, password (stored in an encrypted format).

  • Communication Content: Messages you send us via contact forms, email, or chat.

Legal Basis for Processing:

  • Performance of a Contract: To process your orders, deliver products, manage your account, and provide customer support related to your purchases.

  • Consent: For sending marketing communications (e.g., newsletters) if you have explicitly opted-in. You have the right to withdraw your consent at any time.

  • Legitimate Interests: To respond to your inquiries, prevent fraud, improve our services, and maintain the security of our Site. Our legitimate interests are balanced against your data protection rights.

2.2 Behavioral and Technical Data (Automatically Collected Information)

When you visit and interact with our Site, we automatically collect certain information about your device and browsing activity. This information helps us understand how our Site is used, improve user experience, and for analytical and marketing purposes.

Examples of behavioral and technical data collected:

  • Usage Data: Pages visited, time spent on pages, click paths, referring URLs, search terms used.

  • Device Information: Device type, operating system, browser type, language settings.

  • Network Information: IP address.

  • Location Data: General location derived from your IP address.

Legal Basis for Processing:

  • Legitimate Interests: For essential website functionality, security, analytics, and improving our Site's performance and user experience.

  • Consent: For non-essential cookies and tracking technologies (e.g., Google Analytics, Meta Pixel) that collect behavioral data for analytics, personalization, and advertising purposes. This consent is managed via our cookie consent banner.

2.3 Payment Information

All payment transactions are handled securely by third-party payment processors: Wix Payments and PayPal. We do not store or directly access your full credit card details, bank account numbers, or other sensitive payment information. This data is provided directly to our payment processors, who are responsible for its secure handling and compliance with payment industry standards.

Legal Basis for Processing:

  • Performance of a Contract: To facilitate payment for your orders.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Order Fulfillment: To process and fulfill your orders, including order confirmation, shipping updates, and delivery.

  • Customer Support: To respond to your inquiries, requests, and provide customer service.

  • Account Management: To manage your account, if you choose to create one.

  • Marketing and Promotions: To send you marketing communications, newsletters, and promotional offers, but only if you have opted-in to receive them. You can opt-out at any time.

  • Site Improvement: To analyze website performance, fix bugs, test new features, and enhance the overall user experience.

  • Security and Fraud Prevention: To protect our Site, detect and prevent fraudulent transactions, unauthorized access, and other illegal activities.

  • Legal Compliance: To comply with applicable laws, regulations, legal processes, or governmental requests.

4. Cookies and Tracking Technologies

Cookies are small text files placed on your device by websites that you visit. They are widely used to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

We use the following types of cookies and tracking technologies on our Site:

  • Essential/Strictly Necessary Cookies: These cookies are crucial for the basic functionality of the Site (e.g., security, site navigation, enabling shopping cart features). They do not require your consent as they are necessary for the Site to operate.

  • Analytics Cookies: These cookies (e.g., Wix analytics, Google Analytics) collect information about how visitors use our Site, such as pages visited, time spent on the Site, and click paths. This helps us understand and improve Site performance and user experience.

  • Advertising/Marketing Cookies: These cookies (e.g., Meta Pixel) are used to track visitor activity across websites to display relevant advertisements and measure the effectiveness of our advertising campaigns.

Managing Your Preferences: You have control over non-essential cookies. You can manage or reject non-essential cookies at any time through our cookie consent banner, powered by Consentik. Please note that blocking or deleting certain cookies may impact the functionality and your experience on our Site.

We use the following cookies to optimize your experience on our Site and to provide our services:

XSRF-TOKEN - Cookie for fraud detection of calls

Hs - Security Cookie for Hive (legacy)

svSession - Session cookie for identification

SSR-caching - Performance cookie for rendering

TS* - Cookies for attack detection

bSession - Used for system effectiveness measurement

fedops.logger.sessionId - Tracking session errors and issues (resilience)

_wixAB3|* - Cookie for site experiments

Server-session-bind - Cookie for API protection

Client-session-bind - Cookie for API protection

5. When and How We Share Your Data

We do not sell your personal data. We share your information only with trusted third-party service providers who assist us in operating our business and providing our services, and only for the purposes outlined in this Privacy Policy. These service providers are contractually obligated to protect your data and only use it for the specified services under strict confidentiality agreements.

Categories of third parties with whom we share data include:

  • E-commerce Platform & Hosting: Wix.com (processes orders, hosts our Site, provides analytics).

  • Payment Processors: PayPal, Wix Payments (securely process financial transactions).

  • Analytics Providers: Google Analytics (helps us understand website traffic and usage patterns).

  • Advertising Platforms: Meta (Facebook) Pixel (measures advertising effectiveness and allows for targeted advertising).

  • Shipping & Delivery Services: UPS, FedEx, USPS (to deliver your orders).

We may also disclose your personal data if required to do so by law or in response to valid requests by public authorities (e.g., a court order or government agency).

6. International Data Transfers

As we operate globally and utilize service providers who may be located outside of the European Economic Area (EEA) and the UK (e.g., in the United States), your personal data may be transferred to, stored, and processed in countries that may not have the same data protection laws as your home country.

When we transfer your data internationally, we implement appropriate safeguards to ensure your personal data remains protected and secure, consistent with applicable data protection laws. These safeguards may include:

  • Transferring data to countries deemed to provide an adequate level of data protection by the European Commission or the UK government.

  • Utilizing Standard Contractual Clauses (SCCs) approved by the European Commission or the UK government, which impose contractual obligations on the recipient to protect your personal data.

  • Relying on other legally recognized mechanisms for data transfer.

By using our Site and services, you understand and acknowledge that your information may be transferred to our facilities and those third parties with whom we share it as described in this Privacy Policy.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures include:

  • SSL/TLS Encryption: We use Secure Socket Layer (SSL/TLS) encryption across our entire Site to secure communications and transactions.

  • Access Controls: Data is stored securely on Wix's servers, and access to your personal data is restricted to authorized personnel who have a legitimate need to know that information for business purposes.

  • Regular Security Audits: Our service providers (like Wix) implement robust security protocols and conduct regular audits.

  • Industry Best Practices: We strive to adhere to industry best practices to minimize risk and protect your data.

While no method of transmission over the Internet or electronic storage is 100% secure, we continuously work to protect your information.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

The retention periods vary depending on the type of data and the purpose of processing:

  • Order Data: Information related to your purchases (e.g., name, address, order details) is retained to comply with tax and accounting laws, and for warranty/customer service purposes.

  • Marketing Consent: If you have opted-in to marketing communications, we retain your email address until you withdraw your consent or opt-out.

  • Account Data: If you create an account, we retain your account information as long as your account is active. If you delete your account, we will delete or anonymize your data, unless legal obligations require us to retain it for a longer period.

  • Analytical Data: Anonymous or aggregated analytical data may be retained for longer periods for statistical analysis.

You may request the deletion of your personal data at any time, subject to any legal obligations we may have to retain it for a longer period.

9. Your Privacy Rights

Depending on your location, you may have specific rights regarding your personal data. We are committed to facilitating the exercise of these rights.

For Individuals in the EEA and UK (GDPR Rights):

You have the following rights:

  • Right to Access: You have the right to request a copy of the personal data we hold about you.

  • Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.

  • Right to Erasure ("Right to Be Forgotten"): You have the right to request the deletion or removal of your personal data where there is no compelling reason for its continued processing (e.g., data is no longer necessary for the purposes for which it was collected). This right is not absolute and may be subject to legal obligations.

  • Right to Restriction of Processing: You have the right to request that we limit the way we use your personal data in certain circumstances (e.g., if you dispute the accuracy of the data).

  • Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller, where technically feasible.

  • Right to Object: You have the right to object to the processing of your personal data where we are relying on a legitimate interest as the legal basis for processing (e.g., for direct marketing purposes or profiling).

  • Right to Withdraw Consent: Where we rely on your consent as the legal basis for processing, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.

  • Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you believe your data protection rights have been violated.

For California Residents (CCPA/CPRA Rights):

As a California resident, you have the following rights:

  • Right to Know: You have the right to request that we disclose to you the categories and specific pieces of personal information we have collected about you, the categories of sources from which it is collected, the purposes for collecting it, the categories of third parties with whom we share it, and the categories of personal information that we have disclosed for a business purpose.

  • Right to Delete: You have the right to request the deletion of personal information we have collected from you, subject to certain exceptions.

  • Right to Opt-Out of Sale or Sharing: You have the right to opt-out of the "sale" or "sharing" of your personal information. As stated, we do not sell your personal information. However, we use cookies and tracking technologies (like Google Analytics and Meta Pixel) that may "share" your personal information for cross-context behavioral advertising. You can exercise this right by managing your cookie preferences via our cookie consent banner.

  • Right to Correct Inaccurate Personal Information: You have the right to request correction of inaccurate personal information we maintain about you.

  • Right to Limit Use and Disclosure of Sensitive Personal Information: While we do not collect sensitive personal information (SPI) as defined by CPRA (e.g., precise geolocation, racial/ethnic origin, health information) for purposes that would trigger this right, if we ever were to do so, you would have the right to limit its use and disclosure.

  • Right to Non-Discrimination: You have the right not to receive discriminatory treatment for exercising any of your CCPA/CPRA rights.

How to Exercise Your Rights:

To exercise any of these rights, please contact us at info@byjwu.com with the subject line "Data Request."

Please provide sufficient information to allow us to reasonably verify that you are the person about whom we collected personal information (e.g., your name, email address, order number if applicable). We may require additional information for verification purposes depending on the nature of your request.

We will respond to your verifiable request within 30 days for GDPR requests and generally within 45 days for CCPA/CPRA requests (with a possible extension up to 90 days, which we will notify you about if needed).

You may also designate an authorized agent to make a request on your behalf. If you use an authorized agent, we may require proof of their authorization and may also require you to verify your own identity directly with us.

10. Children's Privacy

Our Site is not intended for children under the age of 13, and we do not knowingly collect personal data from children under 13. If you are a parent or guardian and believe that your child has provided us with personal data, please contact us at info@byjwu.com. If we become aware that we have collected personal data from a child under 13 without verifiable parental consent, we will take steps to remove that information from our servers.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. We will post the revised Privacy Policy on this page and update the "Last Updated" date at the top. We encourage you to review this Privacy Policy periodically for any changes. For significant changes, we may ask to renew your consent.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: info@byjwu.com

BY J.WU LLC

New York, NY

bottom of page