top of page

Privacy Statement

Last updated: October 5, 2025

At Happy Composites we respect your privacy and are committed to protecting your personal data. This Privacy Statement explains what personal data we collect, how and why we use it, and the rights you have in relation to your personal data. It applies whenever you interact with Happy Composites, whether you visit our website, request information, purchase products, supply goods or services to us, or communicate with us in any other way.

 

“Personal data” (or “personal information”) means any information that relates to an identifiable individual. The term “processing” covers everything we might do with that data, such as collecting, storing, using or sharing it.

 

Personal data we collect and how we obtain it

The personal data we process falls into several categories. What we collect depends on how you engage with us and may include the following:

  • Contact information

    • Examples: Name, postal address, phone number, organisation details (e.g., employer, job title), business and personal email addresses.

    • Sources: You; publicly available sources such as LinkedIn.

  • Background and identity information

    • Examples: Date of birth, identification data (passport, utility bill, bank statement), nationality.

    • Sources: You; third‑party systems used for regulatory/identity checks.

  • Customer or supplier information

    • Examples: Order details, delivery information, communications with us (including inquiries through our website), information about your customers or staff that you share with us in connection with a transaction, user IDs and passwords for our platforms, billing and banking details, digital signatures, fraud flags, communications regarding transactions.

    • Sources: You; your organisation; advisors and other third parties working with you.

  • Marketing preferences and website usage data

    • Examples: Preferences you set for receiving marketing communications; information automatically generated through your use of our websites and digital platforms such as pages visited, content viewed, search terms, IP address and other online identifiers, device data, login information, location data.

    • Sources: You; your use of our website and other digital platforms.

  • Sensitive information

    • Examples: In limited cases we may collect sensitive information, for example, racial or ethnic origin, nationality and passport data, criminal conviction data (for anti‑money‑laundering and identity checks) or other special‑category data where required by law.

    • Sources: You; third‑party identity verification services. We only collect such data where necessary and subject to applicable legal requirements.

 

Providing certain personal data is a prerequisite for our engagement with you. If you do not provide requested contact, identity, regulatory or customer/supplier information, we may not be able to respond to your inquiry, provide goods or services, or work with you as a supplier.

 

How and why we use your personal data (legal bases)

We only process your personal data when we have a lawful basis to do so. Depending on the context, we rely on one or more of the following bases: your consent, performance of a contract, legal obligations, or our legitimate interests. Below are the main purposes for which we use personal data and the corresponding legal bases:

  • Responding to your inquiries and administering our relationship with you. We use contact and customer/supplier information to respond to questions, manage orders, provide customer service, administer accounts and send transaction‑related notifications. Legal bases: performance of a contract; our legitimate interests in communicating with you.

  • Providing products and services and managing orders. This includes processing orders, taking payment, providing delivery and after‑sales services, establishing you or your organisation as a client or supplier in our systems, and maintaining records of transactions. Legal bases: contract performance; legitimate interests in running our business; compliance with legal obligations.

  • Marketing and communications. With your consent where required, we may send you information about products, services, promotions and offers. You can opt out at any time by following the instructions in the communication or contacting us. We may also invite you to participate in market research or surveys. Legal bases: consent; legitimate interests in promoting our business.

  • Operating and improving our website and digital platforms. We collect website usage data to ensure our site functions correctly, monitor performance, analyze how it is used, fix technical issues, personalize your experience and improve our services. Legal bases: legitimate interests in operating and improving our website; consent (for non‑essential cookies and similar technologies).

  • Managing our business and meeting legal obligations. We may process personal data for business planning and development, accounting, auditing, insurance, risk and security controls, fraud prevention, identity verification, compliance with anti‑bribery and anti‑money‑laundering laws, training staff and maintaining the security and integrity of our systems. We may also convert personal data into aggregated or anonymized statistics for research and analysis. Legal bases: legitimate interests; compliance with legal obligations; protection of vital interests; establishment, exercise or defence of legal claims.

  • Corporate transactions. In the context of a sale, merger, restructuring or other corporate transaction, we may use or share relevant personal data with prospective buyers or partners under strict confidentiality. Legal bases: legitimate interests; contract performance.

  • Processing sensitive information. In limited circumstances, we may process sensitive data (e.g., dietary requirements when hosting you at our premises, anti‑money‑laundering checks, medical information for health and safety) with your explicit consent or where required to protect vital interests, comply with law, or establish or defend legal claims.

 

How we communicate with you

We use your contact information to communicate with you:

  • In relation to purchases. We send order confirmations, invoices, shipping updates, and related communications.

  • To manage our relationship. We send notices about changes to our terms or policies, respond to complaints or inquiries and administer user accounts.

  • For surveys and feedback. We may invite you to take part in surveys or provide feedback to improve our products and services.

  • Marketing messages. With your opt‑in consent (where required), we send information about Happy Composites’ products, services, promotions or events that may interest you via email, text, post or telephone. You may withdraw your consent or opt out of marketing at any time.

 

Security of your personal data

We implement appropriate technical and organisational measures to protect personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage. However, no method of transmission over the internet or electronic storage is completely secure. When you submit data online you do so at your own risk, and you are responsible for keeping any passwords or login credentials confidential.

 

How long we keep your data

We retain personal data only as long as necessary for the purposes for which it was collected. Retention periods are determined based on factors such as:

  • Legal or regulatory requirements we must follow;

  • The nature of the data and the context in which it was collected;

  • The duration of our relationship with you and whether there is a dispute or potential claim;

  • Any requests by you or by regulators to retain the data; and

  • Statutes of limitation for legal claims.

 

We securely delete or anonymize personal data when it is no longer needed.

 

Sharing and transferring personal data

We may share your personal data with third parties as permitted by law. Examples include:

  • Within our group. Happy Composites may share personal data with its affiliates or subsidiaries for business management purposes, to fulfil orders or provide services across branches and to comply with reporting or approval requirements. Access is restricted to staff who need the information for their role.

  • Service providers. We engage third parties to perform functions on our behalf, such as website hosting, IT support, payment processing, logistics, marketing, analytics and professional services (e.g., legal and accounting advisors). These providers act under contractual obligations to process personal data only on our instructions and maintain appropriate security.

  • Other third parties acting independently. In certain circumstances we may disclose personal data to independent third parties, for example, payment fraud‑checking services, regulators, courts, insurers, business partners or in connection with the sale or reorganisation of our business. We may also share data to comply with legal obligations or protect the rights, property or safety of us or others.

 

Because we operate with global suppliers, your personal data may be transferred to, and stored in, countries outside of your home jurisdiction. We only make such transfers when they are subject to appropriate safeguards, such as:

  • The recipient country has been deemed to provide an adequate level of protection;

  • We have put in place contracts with the recipient that include standard data‑protection clauses; or

  • The transfer is otherwise permitted by applicable law or with your explicit consent.

 

Where required (for example, under European Union or Chinese law), we will implement additional measures such as conducting transfer risk assessments or obtaining government approvals. Please contact us if you would like further information about cross‑border transfers.

 

Cookies and similar technologies

We use cookies, pixels, local storage and similar technologies to provide and improve our digital services. These small data files or identifiers allow our website to recognize your device and collect information about how you interact with the site. Some cookies are essential for the website to function; others help us understand usage patterns, personalise content, remember your preferences, measure the effectiveness of communications and support security.

 

Cookies may be first‑party (set by Happy Composites) or third‑party (set by service providers, such as analytics or advertising partners). We may also use web beacons in emails to determine whether you have opened them. You can manage your cookie preferences via your browser settings or by using our cookie settings tool. Please note that disabling cookies may affect the functionality of our website. For more information about cookies, visit www.aboutcookies.org or consult your browser’s help section.

 

“Do Not Track” signals

Some web browsers allow users to send a “Do Not Track” (DNT) signal to websites. Because there is no common standard for interpreting DNT signals, our website does not currently respond to them. We do, however, respect legally required global privacy controls where applicable.

 

Children’s privacy

Our website and services are not directed to children under the age of 13. We do not knowingly collect personal data from children. If we discover that we have inadvertently collected data from a child under the applicable age of consent, we will delete that information. Parents or guardians who believe their child has provided us with personal data should contact us.

 

Your data protection rights

Depending on where you live and subject to legal limitations, you may have the following rights:

  • Right of access. You can request confirmation of whether we process your personal data and obtain a copy of that data, including details about how we use and share it. We may ask you to specify the information you wish to access and to verify your identity. In certain situations we may deny access where, for example, providing it would disclose another person’s data, reveal confidential commercial information, or violate law.

  • Right to data portability. Where processing is based on consent or a contract and carried out by automated means, you may request to receive the personal data you provided to us in a structured, machine‑readable format and to have that data transferred to another controller.

  • Right to rectification. You may request correction or completion of inaccurate or incomplete personal data. Please keep us informed of any changes to your details and check whether self‑service tools are available for updating your information.

  • Right to object or restrict processing. Where we rely on legitimate interests as the legal basis for processing, you may object to the processing or request that we restrict the processing of your personal data. This includes the right to object to direct marketing.

  • Right to erasure (“right to be forgotten”). In certain circumstances, you may request deletion of your personal data, for example, where it is no longer necessary, you withdraw consent, or the processing is unlawful. We may be unable to comply if we need the data to comply with legal obligations or to defend legal claims, among other reasons.

  • Right to withdraw consent. Where we rely on your consent, you may withdraw it at any time. Withdrawal applies only to future processing and does not affect previous processing conducted prior to withdrawal.

  • Right to complain. You have the right to complain to a data protection authority in your country or region about our handling of your personal data.

 

If you reside in California, PRC or another jurisdiction with specific privacy laws, additional rights may apply. These are summarised below.

 

California residents

If you are a “consumer” as defined by the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act, the categories of personal information collected, disclosed or “sold” or “shared” within the last 12 months include: identifiers (e.g., name, IP address), personal information under the California Customer Records law (contact and financial information), protected classification characteristics (e.g., age, gender), commercial information (transaction history), internet or network activity information, geolocation data, audio/visual information, professional or employment information, inferences drawn from other personal information, and sensitive personal information (such as race or religion). We may use or disclose this information for our operational purposes described above.

 

As a California resident you have, subject to legal exceptions, the right to know what personal information we collected and how we used and disclosed it, the right to correct inaccurate information, the right to request deletion of your information, the right to opt out of the sale or sharing of personal information, and the right not to be discriminated against for exercising these rights. To exercise your rights, please contact us using the methods listed below. Requests made through an authorised agent will require proof of authorization.

PRC residents

If you are a resident of the People’s Republic of China (PRC), we process certain categories of Sensitive Information (as defined by PRC law) for the operational purposes described above, such as responding to inquiries, providing customer service, processing orders, verifying your identity, hosting you at our offices, managing your accounts, and complying with legal obligations. The categories of Sensitive Information include personal property information (e.g., bank account, credit history), health information (e.g., medical history), biometric information (e.g., fingerprints, voice prints), identification documents (e.g., ID card, passport) and other sensitive information (e.g., marital status, religious beliefs). We only collect such data to the extent permitted by law and do not sell it.

 

We will not provide your personal data in the PRC to any government authorities outside the PRC unless we have obtained the Chinese government’s approval. Transfers of personal data outside the PRC will only occur when permitted by PRC law, such as when appropriate cross‑border transfer agreements or security assessments are in place or when we have obtained the necessary certifications.

 

How to contact us

If you have any questions about this Privacy Statement or wish to exercise your rights, please contact our Privacy Team via the “Contact” form in the website.

When contacting us, please include your name, email address, the nature of your inquiry and, if relevant, any accessibility accommodations you require. We may need to verify your identity before processing certain requests.

 

Changes to this statement

We may update this Privacy Statement from time to time to reflect changes in our practices or legal requirements. When we do, we will post the revised statement with a new effective date. Please check this page periodically to stay informed about how we protect your data.

 

© 2025 Happy Composites. All Rights Reserved.

bottom of page