Introduction

REACH24H Consulting Group China ("REACH24H") is committed to providing timely and professional global regulatory information & market insights involving chemicals, food, food-contact-materials, cosmetics, agrochemicals, pharmaceuticals, and sustainable industries. We focus on analyzing regulatory changes, organizing online training sessions, compiling expert reports, and more.

REACH24H, headquartered in 10th Floor, C1, Headquarters Economy Park for Alumni Corporation of Zhejiang University, No. 76 North Longzhou Road, Yuhang District, Hangzhou, Zhejiang, China, acts as the "data controller" of your personal data under the GDPR. You can reach us at customer@reach24h.com. REACH24H has also designated an EU Representative as required by GDPR Art.27. The EU Representative is REACH24H Consulting Group, located at PARAMOUNT COURT, CORRIG ROAD SANDYFORD DUBLIN 18, IRELAND, reachable at eu@reach24h.com.”

Our Commitment to GDPR Core Principles

We are committed to complying with the seven core principles of the GDPR to ensure that our processing of your personal data is lawful, fair, transparent, and accountable:
Lawfulness, Fairness, and Transparency: We process your personal data only when we have a valid legal basis and we inform you in a clear and transparent manner.
Purpose Limitation: We collect your personal data for specified, explicit, and legitimate purposes only.
Data Minimisation: We only collect and process personal data that is adequate, relevant, and limited to what is necessary for the purposes for which it is processed.
Accuracy: We take every reasonable step to ensure that your personal data is accurate and, where necessary, kept up to date.
Storage Limitation: Your personal data is kept in a form which permits identification for no longer than is necessary for the purposes for which it is processed.
Integrity and Confidentiality: We implement appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing and against accidental loss, destruction, or damage.
Accountability: We are responsible for, and must be able to demonstrate compliance with, all of the above principles.

Personal Data We Collect, Purposes, and Legal Bases

We collect and process your personal data only when we have a valid legal basis to do so. Below are the purposes for which we process your data and the corresponding legal bases in different situations:

Your provision of most personal data is voluntary. However, if you do not provide certain necessary information (e.g., name and email address), we may be unable to provide you with certain services or features, such as online customer service and other user response functions.

We will provide a link that allows you to manage your cookie preferences and withdraw consent or change your settings at any time. On that page, you can also view detailed information about the cookie retention period.

Data Sharing

We will not sell, rent, or otherwise provide your personally identifiable information to third parties except as described in this policy or with your explicit consent.
We will never disclose your personal data for purposes other than those described in this Privacy Policy, unless disclosure is strictly necessary to protect our legal rights, the safety of our users, or to prevent fraud or abuse.
We only share your personal data with:

Service providers (processors)

We may share your data with trusted service providers (such as cloud hosting, IT support, email delivery, or payment processors) who process personal data strictly on our behalf and under written contracts in compliance with GDPR.
We use third-party analytics providers, such as Google Analytics, to help us understand how our services are used. These providers may collect information such as your IP address, browser type, and usage data. Data collected by such providers may be transferred to and processed in the United States or other countries. You can learn more about Google's practices at Google Privacy & Terms and opt-out via Google Analytics Opt-out Tool .

Regulatory or legal authorities

We may disclose your personal data when required by applicable laws, legal processes (e.g. subpoenas, court orders), or to comply with regulatory obligations.

Business transfers

If REACH24H undergoes a change in control, merger, acquisition, or asset sale, your personal data may be disclosed or transferred to the new owner. Any such transfer will be carried out under GDPR safeguards to ensure continued protection of your data.

With your consent

We will share your personal data with third parties for marketing or event invitations only where you have explicitly opted in. You may withdraw your consent at any time.

Aggregated/anonymous data

We may share statistical or aggregated data that does not identify any individual with industry partners, researchers, or potential advertisers for analytics and market insights.

International Transfers

We maintain servers around the world, so the servers we use to process your information may not be located in your country. This means that your personal data may be transferred to and stored in a "third country".
Where personal data is transferred, we will implement appropriate safeguards to ensure an adequate level of protection in compliance with specific legal frameworks.
You can request a copy of these safeguards by contacting us.

Your Rights to Access and Control Your Personal Data

We provide many choices about the collection, use, and sharing of your data, from deleting or correcting data you include in your profile. We offer you settings to control and manage the personal data we have about you.
For personal data that we have about you:

• Right to be Informed: You have the right to receive comprehensive, clear, and understandable information about the processing of your data at the time of collection or at the latest at the first communication with you. This Privacy Policy serves to fulfill this obligation.
• Right of Access: You have the right to obtain a copy of your personal data we hold about you from us.
• Right to Rectification: You have the right to request the correction or completion of inaccurate or incomplete personal data.
• Right to Erasure ("Right to be Forgotten"): You have the right to request the erasure or deletion all or some of your personal data.
• Right to Restriction: You have the right to restrict our processing of your personal data under certain circumstances.
• Right to Data Portability: You have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format, and to transmit that data to another data controller.
• Right to Object: You have the right to object to our processing of your personal data, particularly when processing is based on our legitimate interests
• Right Not to be Subject to Automated Decision-Making: You have the right not to be subject to decisions based solely on automated processing that produces legal effects concerning you or significantly affects you.
• Right to withdraw consent at any time: If processing is based on your consent, you have the right to withdraw it at any time, without affecting the lawfulness of processing before withdrawal.

How to Exercise Your Rights
You may submit any of the above requests in writing by sending an email to or by using the contact information provided at the bottom of this policy. Such requests will be handled free of charge. We will respond in writing (or electronically) to your request within one month of receipt.

Your Obligations as a User

As a User, you have certain obligations to other Users. Some of these obligations are imposed by applicable law and regulations, and others have become commonplace in user-friendly communities of like-minded members such as REACH24H:

• You must, at all times, abide by the terms and conditions of the then-current Privacy Policy and User Agreement. This includes respecting all intellectual property rights that may belong to third parties (such as trademarks or photographs).
• You must not download or otherwise disseminate any information that may be deemed to be injurious, violent, offensive, racist or xenophobic, or which may otherwise violate the purpose and spirit of REACH24H and its community of Users.
• You must not provide to REACH24H and/or other Users information that you believe might be injurious or detrimental to your person or to your professional or social status.

Children

Children under the age of 18 are not eligible to use our service.

Changes to this Privacy Policy

We may update this Privacy Policy at any time. Any significant changes (e.g., a change in how we collect, use, or share personal data), we will display a notice on the REACH24H website or send you an email, so that you may review the changed terms prior to continuing to use the site. Unless stated otherwise, our current Privacy Policy applies to all information that REACH24H has about you and your account.

Data Retention Periods

We will retain your information as long as needed for the purposes described, unless a longer retention period is required by law. Specifically:
Customer service records (e.g., inquiries, support communications): retained for up to 3 years after the closure of the request.
Browsing logs and cookies: retained for up to 12 months, depending on the cookie type.
Where no specific retention period applies, we determine the period based on the criteria of necessity for the purpose, applicable legal obligations, and limitation periods under relevant laws.
After the retention period expires, we may anonymize or pseudonymize your data for analytical, statistical, or research purposes, so that it can no longer be linked to you.

Security

In order to help secure your personal information, we implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including access to your data on REACH24H is password-protected, and sensitive data is protected by SSL encryption when it is exchanged between your web browser and the REACH24H website. To protect any data you store on our servers, REACH24H also regularly audits its system for possible vulnerabilities and attacks. However, since the internet is not a 100% secure environment, we cannot ensure or warrant the security of any information you transmit to REACH24H, You are also responsible for keeping your login credentials confidential. Please note that emails, instant messaging, and similar means of communication with other Users of REACH24H are not encrypted, and we strongly advise you not to communicate any confidential information through these means.

If any personal information security incident occurs that is likely to result in a risk to your rights and freedoms, we will promptly inform you of the following in accordance with the requirements of the laws and regulations: basic information and possible impacts of the incident, actions we have taken or will take in response thereto, suggestions for risk prevention and reduction on your own, and remedial measures against you. We will inform you of the incident in a timely manner by such means as mail, letter, telephone, or push notice. When it is difficult to inform the subjects of personal information one by one, we will publish an announcement in a reasonable and effective way.
We will also report the breach to the competent supervisory authority without undue delay, as required.

Links to Other Websites

The Site may contain links to third-party websites, including social network sites. Such websites are governed by their own terms of use and privacy policies, which you should review before browsing or submitting information to them. REACH24H is not responsible for the privacy practices of such websites. In addition, a link to a third-party website does not mean that REACH24H endorses or accepts any responsibility for the content or the use of such website. REACH24H shall not bear any liability or responsibility for such content or for your use of these websites.

Contact Us

If you have questions or comments about this Privacy Policy, please contact us here or mail us at: customer@reach24h.com.
If required, you may also contact our EU representative using the details provided in this policy.

Your Right to Complain

You have the right to lodge a complaint at any time with the data protection supervisory authority in your country.