Privacy policy

Last updated: April 25, 2026

Privacy Policy

WAYOU Pte. Ltd. ("we", "us", or "our") is committed to safeguarding your privacy and protecting your personal data in accordance with the Personal Data Protection Act 2012 ("PDPA") of Singapore and other applicable data privacy protection laws. This Privacy Policy ("Policy") explains how we collect, use, disclose, and protect your personal data when you interact with our website, purchase our products, subscribe to our services, or otherwise engage with us.

By using our website (the "Website") and providing your personal data, you consent to the practices described in this Policy. If you do not agree with the terms of this Policy, please do not use our Website or provide any personal data to us.

1. What Personal Data We Collect

Personal data means any information that can identify you, directly or indirectly. We collect personal data in the following ways:

1.1 Data Collected Directly from You

  • Orders and Purchases: Name, email address, phone number, billing and shipping addresses, payment card details (processed securely by third-party payment providers such as Shopify Payments and PortOne; we do not store your full card details on our servers), and delivery preferences.
  • Customer Support and Inquiries: Name, contact details, product inquiries, skin type/sensitivity (if voluntarily provided), and any other details you share.
  • Marketing and Newsletter Subscriptions: Email address and marketing preferences.
  • Promotions, Surveys, and Reviews: Opinions, feedback, and demographic information you voluntarily provide.

1.2 Data Collected Automatically

  • Technical Data: IP address, browser type, device information, operating system, pages viewed, time spent on pages, and referral sources.
  • Usage Data: Clickstream data, search queries, products viewed, cart abandonment.
  • Cookies and Tracking Technologies: For more details, please see Section 9.

1.3 Data from Third Parties

  • Payment Processors, Shipping Couriers, Fraud Detection Services: Data for payment verification, fraud prevention and order fulfilment.
  • Marketing Partners: Data shared (with consent) for analytics or personalized marketing.

2. How We Use Your Personal Data

We collect and use your personal data for the following purposes:

  • Order Fulfillment: To process your orders, including payment, shipping, and handling refunds or exchanges.
  • Customer Support: To respond to your inquiries and assist you with any issues.
  • Transactional Communications: To send order confirmations, shipping updates, and other essential notifications.
  • Website Improvement: To improve our Website, products, and services using analytics.
  • Marketing: To send promotional content, special offers, updates, and information about new products, with your opt-in consent. You may unsubscribe or opt out at any time.
  • Legal Compliance and Fraud Prevention: To comply with applicable laws, regulations, and to prevent fraud or unauthorised activity.

We collect only the personal data necessary for these purposes and will seek your explicit consent where required.

3. Consent

By providing personal data, you consent to its collection and use as outlined in this Policy. Your consent is required for certain activities. You may withdraw your consent at any time by contacting our Data Protection Officer at dpo@wayoucare.com.

Please note that withdrawing consent may affect your ability to use certain services.

4. Sharing and Disclosure of Personal Data

We do not sell, rent, or trade your personal data. We may share your personal data with the following parties:

  • Affiliates and Subsidiaries: For fulfillment and operational purposes.
  • Service Providers: Including payment processors (Shopify Payments and PortOne), shipping partners, email platforms, cloud hosts, and analytics tools. All third parties are bound by data processing agreements ensuring compliance with the PDPA.
  • Professional Advisors: Lawyers, accountants, and auditors, under confidentiality.
  • Authorities: If required by law, courts, or regulatory bodies.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets (with notice).

5. Cross-Border Transfers

Personal data may be transferred to:

  • Our regional distribution centre in Taiwan: For fulfillment purposes.
  • Third-party service providers (including Shopify and PortOne), who may host or process data on servers located outside Singapore.

These parties are contractually obligated to protect your data in accordance with the PDPA. By using our services, you consent to these cross-border transfers.

6. Data Security

We take reasonable steps to protect your personal data with:

  • Encryption: For data at rest and in transit (e.g., HTTPS, AES-256).
  • Access Controls: Role-based access and multi-factor authentication.
  • Security Audits: Regular vulnerability scans and staff training.
  • Secure Payment Processing: PCI DSS-compliant systems for payment security.

However, no data transmission is 100% secure. We limit liability for breaches outside our control but will notify you and the PDPC (if applicable) within 72 hours if a breach is deemed high-risk.

7. Data Retention and Destruction

We retain your personal data only as long as necessary:

  • Orders: Retained for 7 years to comply with tax and audit laws.
  • Marketing Data: Until you opt-out.
  • Anonymised Analytics: Retained indefinitely.

Data is securely deleted, anonymized, or destroyed when no longer needed.

8. Your Rights Under PDPA

You have the right to:

  • Access: Request a copy of your personal data (a small fee may apply for excessive requests).
  • Correct: Request corrections to any inaccuracies.
  • Withdraw Consent: You may withdraw your consent at any time, subject to legal obligations.
  • Delete: Request deletion, except where data retention is required for legal reasons.

For any of the above requests, please contact our Data Protection Officer (DPO) at dpo@wayoucare.com.

9. Cookies and Tracking Technologies

Our Website uses cookies to enhance your experience. Cookies can be categorized as:

  • Essential Cookies: For site functionality (e.g., cart persistence).
  • Analytics Cookies: To analyze Website usage (e.g., Google Analytics, with IP anonymization).
  • Marketing Cookies: For personalized advertising (with your consent).

You can manage cookies through your browser settings or our cookie banner. Third-party cookies are also used (please refer to their policies for more information).

10. Children's Privacy

Our products are not intended for children under 18. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected data from a child, please contact us immediately to have the data removed.

11. Changes to This Policy

We may update this Privacy Policy from time to time. The updated version will be posted on this page with the effective date. Significant changes may also be communicated via email. Continued use of the Website after any changes constitutes acceptance of the revised Policy.

12. Complaints and Contact Information

If you have any questions or concerns about this Policy, or if you wish to lodge a complaint, please contact:

Data Protection Officer
Email: dpo@wayoucare.com

If you are not satisfied with our response, you can lodge a complaint with the Personal Data Protection Commission (PDPC) at www.pdpc.gov.sg.

13. Governing Law

This Privacy Policy is governed by Singapore law, and any disputes related to this Policy shall be subject to the jurisdiction of Singapore courts.

Thank you for trusting us with your data.