We take your privacy very seriously. When you visit our website, please agree to the use of all cookies. For more information about the processing of personal data, please visit 'Privacy Policy'.

Privacy Policy

Definition of Personal Data

Personal data means any information capable of identifying a natural person, either when used independently or in conjunction with other information. Such personal data may be voluntarily provided by you during your access to our website, use of our products or services, and interactions with our Company, or collected by us by recording your interactive behaviors with our website, products and services via technical tools including Cookies. The categories of data collected by us vary in accordance with the websites you visit and the products or services you utilize, which may cover personal identifiers such as full name, residential address, email address and contact telephone number. The collection of personal data is undertaken for the purpose of establishing communication with you, delivering designated services and issuing critical official notifications.

I. Privacy Policy

Shandong Qidu Pharmaceutical Co., Ltd. (hereinafter referred to as "Qidu Pharmaceutical") fully acknowledges the paramount importance of personal data to all clients and end users. Accordingly, Qidu Pharmaceutical places high priority on the safeguarding of personal data belonging to its clients and users, and has rolled out a comprehensive set of measures to ensure all business operations comply with applicable personal data protection regulatory frameworks, including the General Data Protection Regulation (GDPR).

1.For the effective implementation of personal data protection compliance requirements, Qidu Pharmaceutical has formally appointed a dedicated Data Protection Officer (DPO).

2.Qidu Pharmaceutical adheres to industry-standard methodologies and established practices for personal data protection. For all business operations subject to the GDPR, the Company adopts Data Protection Impact Assessment (DPIA) to evaluate and mitigate security risks associated with personal data embedded within its products and services.
(1) Qidu Pharmaceutical mandates a comprehensive evaluation of all personal data involved in products and services; all projects entailing personal data processing shall undergo a mandatory DPIA;
(2) A complete data inventory and standardized data flow diagram shall be formulated for all projects involving personal data processing;
(3) Projects handling personal data shall identify potential risks arising across the full lifecycle of data processing activities (encompassing collection, utilization, storage, disclosure and erasure), and implement tiered mitigating measures covering administrative, physical and technical safeguards corresponding to respective risk levels;
(4) Upon completion of the DPIA exercise, a formal assessment report shall be compiled and submitted to the DPO for official approval.

3.Qidu Pharmaceutical has deployed a suite of robust technical safeguards, including intrusion detection systems, access control mechanisms, end-to-end encryption, data leakage prevention solutions, anti-spam filtering, endpoint security protection and vulnerability scanning. Penetration testing is regularly conducted to validate the efficacy of all personal data protection controls.

4.The Company has established a formal emergency response protocol for personal data security breaches. In the event of any personal data breach incident, Qidu Pharmaceutical shall immediately activate the emergency response workflow, take all reasonable steps to mitigate losses arising from the breach, and deliver formal notifications to all affected individuals in accordance with regulatory standards.

5.Qidu Pharmaceutical maintains a continuous training regime on privacy policies for all relevant staff. This training ensures every employee subject to the GDPR acquires a precise understanding of data protection legal principles relevant to their respective job functions, and strictly abides by all internal policies and operational procedures applicable within the Company.

6.To sustain ongoing regulatory compliance, Qidu Pharmaceutical conducts periodic formal audits covering both technical controls and operational workflows governing personal data protection.

The protection of personal data constitutes not merely a statutory obligation, but also a core corporate social responsibility. Qidu Pharmaceutical shall continuously refine its product lines and service systems to bolster information security and privacy safeguards, thereby minimizing personal data exposure risks for all clients and users.

7.Qidu Pharmaceutical retains your personal information only for the minimum timeframe necessary to fulfil the legitimate purposes for which such data is processed. Website access logs shall be retained for a period of six months (additional data categories and retention periods may be specified separately). Where mandatory provisions are stipulated by applicable laws and regulations, such statutory provisions shall prevail. Upon the expiration of the prescribed retention period, we shall either permanently erase or fully anonymize your personal information.

8.As a general principle, the Company shall not disclose your personal information to any third party without obtaining your separate written consent, or unless otherwise permitted under applicable laws and regulations.

Notwithstanding the above, we may disclose personal information without securing your prior consent under the following statutory scenarios:
(1) Where disclosure is indispensable for the performance of statutory duties or legal obligations;
(2) Where disclosure is necessary to respond to emergent public health incidents, or to safeguard the personal life, physical health and property security of natural persons in emergency circumstances;
(3) Where personal information is processed within a reasonable scope for news reporting, public opinion supervision and other activities conducted for the public interest;
(4) Any other circumstances as prescribed by applicable laws and administrative regulations.

II. Policy Amendments and Updates

Qidu Pharmaceutical reserves the absolute right to revise, update or amend this Privacy Statement at any time without prior notice. All revised versions of this Policy shall be published and made available on this webpage. In the event of material amendments to this Privacy Statement, the Company may issue formal change notifications via multiple communication channels, such as posting official announcements on our corporate website or delivering individual notifications to relevant users.