Privacy Policy

Effective Date: April 1, 2026
Scope of Application: The website https://ottmel.net/ (“the Site”) is operated  by OTTMEL.

I. General Principles

Dongying Ottmel New Energy Co., Ltd. (hereinafter referred to as “the Company”) is an enterprise dedicated to the research, development, production, sales, and customized services of commercial water heaters. This Privacy Policy (hereinafter referred to as “this Policy”) is strictly formulated in accordance with globally applicable privacy protection laws and regulations. It aims to clarify the Company’s core practices regarding the collection, use, storage, sharing, protection, and user rights related to personal information during the operation of its foreign trade website, ensuring that information processing activities are lawful, fair, necessary, and transparent.

The Site serves global customers in the commercial water heater industry, partners, and potential business prospects, providing services such as product displays, technical parameter inquiries, customized solution consultations, quotation coordination, and after-sales support. By accessing The Site, filling out website forms, submitting business inquiries, or using the interactive functions of The Site, users are deemed to have fully read, understood, and agreed to all contents of this Policy. This Policy serves as the core basis for personal information processing between The Site and users, holding the same legal effect as business cooperation and service provision activities.

Regardless of the user’s country of origin, if the user is a minor, they must use The Site and related services under the consent or supervision of their legal guardian. The Company will process the minor’s personal information in strict accordance with relevant laws and regulations on the protection of minors’ personal information. If users have any questions regarding this Policy, they may contact the Company using the information provided in Article IX of this Policy for verification.

II. Scope and Method of Personal Information Collection

The Company adheres to the “principle of minimization and necessity” in collecting user personal information, collecting only the information necessary to achieve business purposes, and does not mandate the collection of personal data unrelated to its services. Information collection is divided into two categories: actively submitted information and automatically collected information. The specific scope is as follows:

(A) Actively Submitted Information (Website Form Collection)

Personal information voluntarily filled out and submitted by users through functional modules on The Site, such as product inquiry forms, business cooperation forms, after-sales feedback forms, and bulk purchase forms, constitutes the core source of the Company’s information collection. This specifically includes the following categories:
1. Business Contact Information: Line ID, WhatsApp account, email address, landline phone number, mobile phone number.
2. Identity and Entity Information: User’s name, company name, country/region, industry (e.g., hotel operations, school logistics, factory management).
3. Business Needs Information: Type of commercial water heater inquired about (e.g., commercial gas water heater model, commercial air source heat pump water heater capacity, commercial electric water heater power), application scenario (e.g., hotel guest room hot water, factory worker bathing, school central heating), purchase quantity, budget range, installation site conditions, after-sales service requirements.
4. Supplementary Information: User’s special requirements for commercial water heaters (e.g., energy efficiency standards, installation dimensions, material needs), business cooperation remarks, and other additional instructions related to services.

When users fill out forms, certain information may be marked as “required.” Such information forms the basis for the Company to provide precise services and complete business coordination. Information not marked as required is “optional,” and users may voluntarily supplement it based on their actual situation. If users fail to fill in required fields, the Company may not be able to provide basic services such as product consultation or quotation coordination, but this does not affect the user’s ability to browse publicly available product information on The Site.

(B) Automatically Collected Information (Cookies and Similar Technologies)
When users access The Site, the Website system will automatically collect non-identifying website access information through technologies such as Cookies, Web Logs, LocalStorage, and Session Storage. This specifically includes:

1. Basic Device Information: Device type (e.g., computer, mobile phone, tablet), device operating system version, browser type and version, screen resolution, device unique identifier (used only for device identification, not linked to user identity).
2. Website Access Behavior Information: Access time, pages visited, time spent on page,clicks, search keywords, form completion progress page navigation path.
3. Network Environment Information: IP address (only the IP segment is collected, precise location is not pinpointed), internet service provider, access source (e.g., search engine, external link, social media).
4. Commercial Water Heater Business-Related Information: Product models browsed by the user, technical parameters viewed, product series compared, product pages bookmarked, etc., used to optimize product display and service matching on the Website.

The Cookies used on The Site are limited to necessary Cookies, functional Cookies, and analytical Cookies. Tracking Cookies or advertising Cookies used to obtain sensitive user information are not utilized, and automatically collected access information is not shared with third-party advertising platforms. The lifecycle of Cookies consists of session Cookies (automatically deleted upon closing the browser) and persistent Cookies (stored for 90 days to retain user access preferences over the long term). Users can manage, disable, or delete Cookies through their browser settings.

III. Purpose of Using Personal Information

The Company will use user information only within the following lawful scopes:

1. Responding to inquiries and matching products with technical solutions.
2. Conducting business communication, providing quotations, and offering after-sales support.
3. Verifying user identity and ensuring account and transaction security.
4. Optimizing website functionality and enhancing user experience.
5. Complying with laws, regulations, regulatory requirements, and judicial assistance obligations.

Without the user’s explicit consent, the Company will not use user’s personal information for marketing purposes unrelated to the purposes mentioned above.

IV. Sharing, Disclosure, and Cross-Border Transfer of Personal Information

(A) Principles of Information Sharing
The Company adheres to the principle of “necessary sharing and strict control,” sharing user personal information with specific recipients only to achieve business purposes and ensure service quality. The scope of sharing is strictly limited to the minimum information necessary to achieve the intended purpose. Before sharing, the Company will require the sharing recipients to sign strict confidentiality agreements, clarifying their information processing obligations to ensure the security of user’s personal information.

(B) Specific Circumstances of Information Sharing
1. Sharing with Cooperative Service Providers
The Company will share necessary user personal information with the following cooperative service providers to support the execution of commercial water heater business operations:
· Logistics and Delivery Service Providers: Sharing user name, contact number, delivery address, and type of machine purchased for transportation, delivery, and installation arrangements of commercial water heater products.
· Installation and After-Sales Service Partners: Sharing user contact information, machine model, installation site conditions, and usage issues to provide professional product installation, commissioning, and repair services.
· Overseas Agents: Sharing user company name, country/region, purchasing needs, and machine type for product delivery and localized service coordination in overseas regions.
· Website Technical Service Providers: Sharing website access behavior information and basic form submission data for website maintenance, technical maintenance, and data statistical analysis.
· Email/Communication Service Providers: Sharing user email addresses, Line IDs, and WhatsApp accounts for business notifications, message pushing, and other communication services.
2. Circumstances for Legal Disclosure
The Company will disclose user personal information only under the following statutory circumstances without prior user consent:
· Complying with mandatory requirements of laws, regulations, administrative rules, judicial judgments, or government authorities, such as cooperating with market supervision authorities’ product quality inspections or judicial authorities’ case investigations.
· Protecting the Company’s legitimate rights and interests, such as disclosing necessary user information when handling business disputes or pursuing liability for breach of contract.
· Protecting the life, property, or other significant legitimate interests of users or third parties, such as disclosing information to mitigate risks if a user encounters a safety hazard while using the product.

(C) Cross-Border Transfer Regulations
As an enterprise engaged in foreign trade, the Company may transfer user personal information to partners, agents, or service recipients outside of China (e.g., in Southeast Asia, Europe, the Americas) due to overseas business needs. The Company strictly complies with relevant laws and regulations on cross-border personal information transfer and adopts the following compliance measures:

1. Security Assurance Measures: Encrypting user personal information during transfer (using AES-256 encryption algorithm) and transmitting data via secure SSL channels to prevent theft or tampering during cross-border transfer.
2. Execution of Compliance Agreements: Signing Data Processing Agreements (DPAs) with overseas recipients, specifying the purpose, scope, security responsibilities, storage period, and other obligations of the overseas recipient regarding information processing, and requiring them to comply with local personal information protection laws and regulations.
3. Regulatory Filings and Assessments: Conducting security assessments or making filings for important cross-border personal information transfers in accordance with relevant Chinese regulations to ensure compliance with regulatory requirements.
4. User Rights Protection: Overseas recipients are required to safeguard users’ rights to access, rectify, and delete their personal information in accordance with this Policy. If an overseas recipient violates the terms of the agreement, the Company will hold them legally liable.

V. Data Storage and Security Protection

(A) Data Storage Management
1. Storage Location: The Company stores user personal information on compliant servers located within China. Information transferred cross-border is stored on servers located outside of China that comply with local data protection regulations, ensuring the legality and security of information storage.
2. Storage Period: Adhering to the principle of “storage period matching business purposes,” different storage periods are set based on the type of information:
· Business Inquiry and Intention Information: Stored for 12 months from the date of user submission, after which it will be anonymized.
· Bulk Purchase and Cooperation Negotiation Information: Stored for 2 years after the conclusion of the cooperation for subsequent business tracking and after-sales follow-up.
· After-Sales Feedback and Repair Service Information: Stored for 2 years after the expiration of the product warranty period to protect user’s after-sales rights.
· Website Access Behavior and Cookie Data: Stored for 90 days, after which it is automatically deleted or anonymized.
· Information Required to be Retained by Law: Stored for the maximum period stipulated by relevant laws and regulations, after which it will be deleted or anonymized as required.
3. Storage Management: The Company has established a strict information storage management system, implementing access control and log auditing for storage servers. Only authorized personnel are granted access to users’ personal information, ensuring that stored information is not illegally accessed.

(B) Security Protection Measures
The Company places high importance on the security of users’ personal information and invests dedicated resources in establishing a robust information security protection system, adopting the following technical and administrative measures:

1. Technical Security Measures
· Data Encryption Technology: Encrypting users’ personal information for storage and transmission to prevent leakage during storage and transmission.
· Network Security Protection Systems: Deploying firewalls, intrusion detection systems, antivirus systems, etc., to defend against network attacks, malicious code, and other security threats.
· Data Backup Mechanism: Performing full daily backups and incremental weekly backups of user information. Backup data is stored on independent, secure servers to prevent loss of user information due to data corruption.
· Access Control Implementation: Implementing hierarchical access permissions for information systems. Different personnel are granted access only to the user information necessary for their job functions, and all access operations are logged for audit and traceability purposes.
2. Administrative Security Measures
· Establishment of Information Security Management System: Defining operating procedures for information collection, storage, use, and sharing. Conducting regular information security training for employees.

VI. User Rights

Users have the following legal rights regarding their personal information:

1. Access and Rectification: The right to request access to or correction of their submitted personal information at any time.
2. Deletion and Cancellation: The right to request deletion of personal information or cancellation of form submission records (except for information required to be retained by laws or regulations).
3. Withdrawal of Consent: The right to withdraw consent for the collection and use of information at any time. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.
4. Cookie Management: The ability to disable or delete Cookies through browser settings, which may affect the functionality of certain parts of the Website.
5. Complaint and Appeal: The right to file a complaint if there is any objection to the Company’s information processing practices, by contacting the Company through the information provided at the end of this Policy.

VII. Cookie Policy

1. Purpose of Cookies: Used to maintain website sessions, record access preferences, analyze traffic, and optimize page display.
2. Types of Cookies: Only necessary and functional cookies are used; tracking cookies used to obtain sensitive information are not employed.
3. User Control: Users can refuse cookies through their browser settings; however, some website services may not function properly as a result.

VIII. Policy Updates

The Company reserves the right to amend this Privacy Policy in response to legal and regulatory updates or business adjustments. The revised policy will be posted on The Site and will become effective immediately upon posting. Continued use of The Site by the user constitutes acceptance of the updated policy.

IX. Contact Us

If you have any questions about this Privacy Policy, wish to exercise your user rights, or wish to file a complaint, please contact the Company using the following methods:

· Company Name: Dongying Ottmel New Energy Co., Ltd.
· Contact Email: Tim_wang@Yeah.Net
· Contact Address: Building 2, No. 27 Jiaxiang Road, Dongying District, Dongying City, Shandong Province, China