Privacy Policy
Last updated: March 26, 2026 · Effective date: January 1, 2026
SinoMDB Ltd. ("SinoMDB", "we", "us", or "our") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our website at sinomdb.com and our related services.
This policy complies with the EU General Data Protection Regulation (GDPR), the UK GDPR, and relevant US privacy regulations including the California Consumer Privacy Act (CCPA).
1. Data Controller
The data controller responsible for your personal data is:
SinoMDB Ltd.
Central, Hong Kong SAR
Coordination offices in Beijing & Shanghai, China
Email: [email protected]
2. Personal Data We Collect
We collect the following categories of personal data:
We do not collect any sensitive health or medical data directly. Any health-related queries you make are processed solely to deliver search results and are not stored as part of a health profile.
Identity Data
Full name, account username.
Contact Data
Email address, WhatsApp/phone number (if provided).
Account & Subscription Data
Membership plan selected, subscription preferences.
Technical Data
IP address, browser type, device identifiers, time zone, operating system, referral URL.
Usage Data
Pages viewed, features used, search queries within the platform, session duration.
Consent Records
Records of your consent choices, including acceptance of these terms and marketing opt-in/out status, with timestamps.
3. Legal Basis for Processing (GDPR)
Consent (Art. 6(1)(a))
When you tick the consent boxes in our registration form — for processing your personal data and for receiving marketing communications. You may withdraw consent at any time.
Contractual Necessity (Art. 6(1)(b))
To provide the services you subscribed to, including account creation and service delivery.
Legitimate Interests (Art. 6(1)(f))
To improve our platform, prevent fraud, and ensure security of our systems.
Legal Obligation (Art. 6(1)(c))
Where required by applicable law or regulation.
4. How We Use Your Data
- Create and manage your SinoMDB account
- Deliver the subscription plan features you have selected
- Send service-related communications (account confirmations, payment receipts)
- Send marketing emails and newsletters — only if you have explicitly opted in
- Analyse platform usage to improve our services
- Comply with legal obligations
- Prevent fraud and ensure platform security
6. Data Retention
We retain your personal data only for as long as necessary for the purposes outlined in this policy, or as required by law:
- Active account data: For the duration of your subscription + 2 years after cancellation
- Consent records: 5 years (required for legal compliance)
- Usage analytics (anonymised): Up to 26 months
- Marketing preferences: Until you withdraw consent or unsubscribe
7. Your Rights Under GDPR / CCPA
To exercise any of these rights, please email us at [email protected]. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority (e.g., ICO in the UK, your EU Member State's DPA).
Right to Access
Request a copy of the personal data we hold about you.
Right to Rectification
Correct inaccurate or incomplete data.
Right to Erasure
"Right to be forgotten" — request deletion of your data.
Right to Portability
Receive your data in a structured, machine-readable format.
Right to Object
Object to processing based on legitimate interests or direct marketing.
Withdraw Consent
Withdraw previously given consent at any time without affecting prior processing.
8. Data Sharing & Third Parties
We do not sell your personal data. We may share data with trusted third-party service providers who process data on our behalf, under strict data processing agreements:
Where data is transferred outside the EEA/UK, we ensure adequate protections are in place (Standard Contractual Clauses or equivalent safeguards).
- Email delivery providers (for transactional and marketing emails)
- Cloud hosting and infrastructure providers
- Analytics platforms (anonymised data only)
- Payment processors (for subscription billing)
9. Marketing Communications
We will only send you marketing emails if you have explicitly opted in by checking the marketing consent box during registration. Every marketing email we send includes a clear and easy one-click unsubscribe link in compliance with the CAN-SPAM Act and GDPR.
To unsubscribe at any time, click the "Unsubscribe" link in any email, or email us at [email protected].
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email (if you have an account) and by posting the new policy on this page with an updated "Last updated" date. Continued use of our services after the effective date constitutes acceptance of the revised policy.
Contact & Data Requests
For any privacy-related queries, data access requests, or to exercise your rights: