14-Day Price Match Learn More
Free Worldwide Shipping
Painless Ice-Cool Hair Removal
Log in

Cart

Your cart is currently empty.

Continue shopping
Total
$0.00 USD

Privacy Policy

Privacy Policy:
I. Scope of Application
This Privacy Policy applies to all personal information processing activities involved in the sale of our IPL hair removal devices, RF beauty instruments, and related accompanying mobile applications (such as the "CordataCare" App), cloud service platforms, official website (https://iplhairfree.com), and authorized offline experience centers to end consumers. It does not cover statistical data that has undergone de-identification (rendering it irreversible and incapable of being linked to a specific natural person).


II. Scope and Purpose of Information Collection
We collect only the minimum amount of information necessary to enable product functionality and ensure compliant operations:
1. Basic Device Information: Unique device serial number (SN), firmware version, usage duration, and operation logs (excluding images/biometric data), used for fault diagnosis, remote calibration, and security alerts;
2. App Account Information: Mobile phone number (stored in encrypted form), device binding status, self-assessed skin type (Fitzpatrick classification), and treatment area preferences (e.g., bikini line, face), used for personalized energy recommendations and treatment reminders;
3. Customer Service Information: After-sales service ticket numbers, communication records (including voice-to-text summaries, subject to the user's explicit authorization), and repair/inspection reports, used for service loop closure and quality traceability;
4. Legally Required Information: In accordance with the NMPA's *Measures for the Administration of Monitoring and Re-evaluation of Adverse Events of Medical Devices*, we are required by law to report necessary identity and usage information regarding serious adverse events (access restricted solely to regulatory authorities).

 

III. Restrictions on Information Sharing and Disclosure
We strictly prohibit the sale, rental, or trading of your personal information to any third party. We will share information only in the following limited, legally mandated circumstances:
1. Sharing of necessary data with ISO/IEC 27001 certified cloud service providers (specifically, the Alibaba Cloud South China node) to facilitate App operations and data backups; such sharing is governed by a binding Data Processing Agreement (DPA);
2. Submission of mandatory safety information to the National Medical Products Administration's (NMPA) Medical Device Adverse Event Monitoring System;
3. Provision of information in response to valid legal instruments issued in accordance with the law by public security or judicial authorities;
4. Transfer of information to an acquiring party in the event of a corporate merger, acquisition, or asset transfer (provided that the acquiring party is contractually obligated to uphold the terms of this Policy). IV. Data Security Protection Measures


We employ industry-standard technical and administrative measures to safeguard information security:
1. Transport Layer: TLS 1.3 encryption is enabled across the entire communication link, and the encryption keys used for communication between the App and our servers are dynamically rotated.
2. Storage Layer: Sensitive fields—such as users' mobile phone numbers—are encrypted using the SM4 cryptographic algorithm (a Chinese national standard); the corresponding encryption keys are independently managed by a Hardware Security Module (HSM).
3. Access Control: We implement the principle of least privilege; employees requiring access to production databases must undergo two-factor authentication and obtain prior approval.
4. Audit Mechanism: On a quarterly basis, we commission third-party organizations to conduct penetration testing and compliance audits, and we report the results to the Cyberspace Administration of Guangdong Province.

 

V. How to Exercise User Rights
You have the right to exercise your rights through the following methods:
1. Access/Correction: Log in to the App and navigate to "My Account" > "Privacy Center" to view and modify your skin type and contact details online.
2. Deletion: Submit a written request to service@iplhairfree.com. We will complete the erasure of local data on your device and the removal of redundant copies from our cloud storage within 15 business days.
3. Withdrawal of Consent: Disable non-essential permissions (such as location access) within the App's settings; doing so will not affect the core hair removal or skin tightening functionalities.
4. Complaints/Reporting: Contact our Data Protection Officer (DPO) at service@iplhairfree.com; we commit to responding to your inquiry within 72 hours.

 

VI. Policy Updates and Effective Date
This policy becomes effective on April 1, 2026. For significant changes (such as the addition of new information types or an expansion of data sharing scope), we will provide 30 days' advance notice via a dual notification method—specifically, an in-App pop-up window combined with an SMS message—and we will seek your explicit consent anew. Historical versions of this policy are archived in the "Compliance Center" section of our official website for your reference.