1. Personal Data
Personal data refers to information that can be used to identify an individual, either on its own or in combination with other information. Such data is provided by you when using our website, products, or services, or when interacting with us. We may also obtain data by recording how you interact with our website, products, or services through technologies such as cookies. The types of data we collect depend on the specific website you visit or the products and services you use and may include personal information such as your name, address, email address, and telephone number. The purpose of collecting personal data is to contact you, provide appropriate services, and send important notices.

​2. Privacy Commitment​
Guangdong Lvtopsun New Energy Co., Ltd. and its global subsidiaries (hereinafter referred to as “Lvtopsun,” “we,” “us,” or “our”) recognize the importance of personal data to our customers and users. Therefore, Lvtopsun places great emphasis on protecting the personal data of our customers and users and has implemented a series of measures to ensure that our operations comply with applicable personal data protection regulations (e.g., GDPR).
2.1 Lvtopsun has appointed a Data Protection Officer (DPO) to ensure the effective implementation of personal data protection requirements.
2.2 Lvtopsun adopts industry-recognized methods and best practices for personal data protection. In business scenarios where the GDPR applies, we utilize the Data Protection Impact Assessment (DPIA) methodology to evaluate and mitigate personal data security risks in our products and services.
2.2.1 Lvtopsun requires a comprehensive assessment of all personal data involved in products and services, with items involving personal data subject to DPIA.
2.2.2 Projects involving personal data must establish data inventories and data flow diagrams.
2.2.3 Projects involving personal data must identify potential risks during data processing (including collection, use, storage, sharing, deletion, etc.) and implement appropriate measures (including managerial, physical, and technical measures) based on risk levels.
2.2.4 Upon completion of the DPIA, a corresponding report shall be produced and approved by the DPO.
2.3 Lvtopsun implements technical measures such as intrusion detection, access control, encryption, data leakage prevention, anti-spam, terminal security protection, and vulnerability scanning. The effectiveness of these personal data protection measures is verified through penetration testing.
2.4 Lvtopsun has established an emergency response mechanism for personal data breaches. In the event of a breach, we will immediately activate emergency procedures to minimize potential losses and ensure affected individuals are duly notified.
2.5 Lvtopsun has implemented ongoing employee training on privacy policies to ensure that every employee involved in GDPR-related tasks accurately understands data protection legal principles based on their specific roles and strictly adheres to the company’s applicable systems and processes.
2.6 To ensure compliance, Lvtopsun conducts necessary technical and procedural audits for personal data protection.
Personal data protection is not only a legal requirement but also a corporate social responsibility. Lvtopsun will continue to optimize its products and services to safeguard security and privacy, reducing personal data protection risks for our customers and users.

​3. Policy Updates​
Lvtopsun reserves the right to update or modify this policy from time to time. Any changes to this policy will be posted here in the latest version. If significant changes are made to the privacy policy, we may also notify you through various channels, such as posting a notice on our website or sending a separate notification.