Privacy Policy
Last Updated: March 26, 2026
This Privacy Policy describes how HYH America Inc., doing business as ARIH ("ARIH," "we," "us," or "our"), collects, uses, discloses, and otherwise processes personal information when you visit, use, or interact with our Shopify storefront, our branded promotional websites, campaign landing pages, social media pages that link to this Privacy Policy, and any related products or services that link to this Privacy Policy (collectively, the "Services").
We are committed to collecting and using personal information in a manner that is transparent, limited to what is necessary, and consistent with applicable law. You are not required to provide personal information; however, if you do not provide certain information, we may not be able to provide some or all of the Services.
By accessing or using the Services, you acknowledge the practices described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Services.
1. Scope of This Privacy Policy
This Privacy Policy applies to personal information collected online through the Services and through related communications with us, including customer support, marketing sign-up forms, surveys, promotional campaigns, and other interactions tied to ARIH.
For purposes of this Privacy Policy, “personal information” has the meaning set forth under applicable law, including the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA/CPRA”), and includes information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked with a particular individual or household.
We collect only the personal information that is reasonably necessary for the purposes described in this Privacy Policy.
This Privacy Policy does not apply to third-party websites, apps, platforms, or services that are not owned or controlled by ARIH, even if they are linked from the Services. Those third parties have their own privacy policies and terms.
2. Categories of Personal Information We Collect
A. Personal Information We Collect Directly From You
- Identifiers and contact details, such as your name, email address, phone number, and shipping or billing address.
- Order and transaction information, such as products purchased, cart contents, order totals, order history, returns, exchanges, refunds, and payment confirmation details.
- Account and profile information, if account creation or login functionality is offered, such as username, password, account preferences, and saved information.
- Marketing preferences and communication preferences, such as newsletter sign-ups, SMS or text message consent, and opt-out choices.
- Communications and support content, such as messages you send to us, survey responses, product reviews, testimonials, feedback, giveaway or sweepstakes entries, and other information you choose to provide.
If you submit content (including reviews, testimonials, photos, or social media content), you acknowledge that such content may be publicly displayed and may be used by ARIH for marketing, promotional, or commercial purposes without further notice or compensation, to the extent permitted by law.
B. Information we collect automatically may include:
- Device and browser information, such as browser type, device type, operating system, language settings, and identifiers associated with your browser or device.
- Internet and network activity information, such as IP address, pages viewed, links clicked, referring and exit pages, approximate geolocation derived from IP address, time spent on pages, and interaction with content, ads, or emails.
- Cookie, pixel, tag, SDK, and similar technology data collected through Shopify features and through tools used for site functionality, analytics, advertising, performance, fraud prevention, and preference management.
C. Information we receive from third parties may include:
- Ecommerce, payment, fulfillment, fraud prevention, customer support, analytics, advertising, social media, and technology vendors that support the Services.
- Marketing, advertising, and social media partners when you interact with our ads, campaigns, or content on third-party platforms.
- Other users or public sources, for example if content about ARIH is tagged, posted publicly, or submitted to us for reposting or customer engagement purposes.
D. Combined datasets
- We may combine information that we collect from different sources for the purposes described in this Privacy Policy.
- We may also create de-identified or aggregated data that cannot reasonably be used to identify you, and we may use and disclose such data for any lawful purpose.
3. How We Use Personal Information
- To provide, operate, maintain, troubleshoot, and improve the Services.
- To process and fulfill orders, payments, shipping, returns, exchanges, refunds, and customer service requests.
- To create, maintain, and service customer accounts and profiles, if account functionality is offered.
- To communicate with you about your orders, account, inquiries, promotions, events, surveys, or other brand communications.
- To personalize your experience and improve product recommendations, site content, and campaign effectiveness.
- To run analytics, measure performance, understand engagement, and improve our products, Services, and marketing.
- To detect, investigate, prevent, and address fraud, security incidents, misuse, unlawful activity, and violations of our terms or policies.
- To comply with legal, regulatory, tax, accounting, reporting, and compliance obligations.
- To establish, exercise, or defend legal claims and protect our rights, property, users, personnel, and business operations.
- To deliver targeted advertising, measure advertising effectiveness, and conduct cross-context behavioral advertising, where permitted by law.
- To create audience segments, perform profiling for marketing purposes, and improve campaign performance, where permitted by law.
We process personal information where we have a valid legal basis, including to perform Services, comply with legal obligations, pursue our legitimate interests, or based on your consent where required.
4. How We Disclose Personal Information
- Service providers and contractors that help us operate our business, including hosting, ecommerce, payment processing, order management, fulfillment, shipping, data analytics, customer support, fraud prevention, cloud storage, and security providers.
- Marketing, advertising, and social media partners, including partners that help us run campaigns, measure performance, and deliver content or advertisements on our Services or on third-party services.
- Affiliates, parents, subsidiaries, and related entities within our corporate group, where relevant to business operations and permitted by law.
- Professional advisors, such as auditors, insurers, accountants, consultants, and attorneys.
- Government entities, regulators, law enforcement, courts, counterparties, or other third parties where disclosure is required by law or reasonably necessary to protect rights, safety, property, or legal interests.
- Parties involved in an actual or proposed business transaction, such as a financing, merger, acquisition, restructuring, or sale of assets.
We do not sell personal information for monetary consideration. However, certain disclosures involving cookies, pixels, identifiers, and online activity may constitute sharing under applicable law. See Section 7 for additional details.
5. Cookies, Pixels, Analytics, and Similar Technologies
We and our service providers may use cookies, pixels, web beacons, SDKs, tags, local storage, and similar technologies to keep the Services functioning, remember your preferences, support checkout and shopping cart features, analyze usage, measure campaign performance, detect fraud, and support advertising or marketing activities. Some of these technologies are placed by Shopify or Shopify-related services, and others may be placed by third-party tools that we use.
These technologies may collect information about your interactions with the Services and, in some cases, across different websites, devices, and services over time for analytics, personalization, and advertising purposes.
You can manage some cookie settings through your browser or device controls. However, blocking or disabling certain cookies may affect site functionality, checkout, saved preferences, or performance.
If we deploy cookie consent tools or privacy banners, your choices will apply according to the scope of those tools and applicable law.
6. Your Privacy Rights
Depending on where you live and subject to applicable law, you may have the right to know or access the categories of personal information we collect, use, disclose, sell, or share, as well as specific pieces of personal information in some circumstances. You may also have the right to request correction of inaccurate personal information, request deletion of personal information, request a portable copy of certain personal information, opt out of sale, sharing, or targeted advertising, limit certain uses or disclosures of sensitive personal information where applicable, withdraw consent where applicable, appeal a decision, and receive equal service and price without discrimination.
You also have choices regarding how we use your personal information, including the ability to opt out of marketing communications, control cookies and tracking technologies, opt out of targeted advertising where required by law, and access, update, or delete your account information. To exercise your rights, you may submit a request using the Contact Us section or available tools on the Services, including any “Do Not Sell or Share” link where applicable.
We may verify your identity before processing your request and may deny or limit requests where permitted by law, including where fulfilling the request would conflict with legal obligations, interfere with security or fraud prevention, compromise the rights of others, or where the request is excessive or unfounded.
If you are entitled to appeal, you may do so by responding to our denial notice or contacting us with “Privacy Appeal” in the subject line.
Where applicable, you may object to or request restriction of certain processing, and where we rely on consent, you may withdraw consent at any time.
We use personal information to protect the security and integrity of our Services and prevent fraud.
Where required by applicable law, we will treat an enabled Global Privacy Control or similar legally recognized browser-based opt-out preference signal as a request to opt out of sale or sharing for the browser or device associated with that signal, subject to the scope and technical capabilities of our systems and vendors. Except as described above for legally recognized opt-out preference signals, our Services do not currently respond to browser-based Do Not Track settings except where legally required.
| Category | Examples | Sources | Business/Commercial Purpose | Typical recipients | Sale / Share note |
|---|---|---|---|---|---|
| Identifiers / contact data | Name, email, phone number, billing / shipping address, account ID | Directly from you; automatically; third parties | Order fulfillment, account management, communications, marketing | Service providers; affiliates; advisors; legal / transactional recipients | May be implicated if ad-tech or retargeting tools are used |
| Commercial information | Orders, cart contents, purchase history, returns, exchanges | Directly from you; service providers | Transactions, analytics, personalization | Service providers; affiliates; advisors | May be implicated if purchase data is used for ad measurement or targeted advertising or analytical purposes |
| Internet / network activity | IP address, browser data, pages viewed, clicks, interactions with ads or emails | Automatically collected; partners | Analytics, fraud prevention, advertising | Service providers; marketing / analytics partners | Typically implicated for targeted advertising |
| Approximate geolocation | Location derived from IP address or device signals | Automatically collected | Personalization, analytics, fraud prevention | Service providers; marketing / analytics partners | May be implicated |
| Customer communications / UGC | Messages, reviews, survey responses, testimonials, campaign submissions | Directly from you | Customer support, marketing, engagement | Service providers; affiliates; advisors | Typically not, unless used in targeted advertising |
| Sensitive personal information | Limited data such as account credentials or payment-related data handled through processors | Directly from you | Account security, transaction processing | Service providers; legal / compliance recipients | Not sold or shared; not used to infer characteristics |
7. Categories of Data Typically Implicated
We do not sell personal information for monetary consideration. However, depending on applicable law, certain disclosures involving cookies, pixels, analytics, identifiers, browsing activity, and advertising-related data may constitute a “sale,” “sharing,” or targeted advertising. The categories most commonly implicated are identifiers, commercial information, internet or network activity, and approximate geolocation derived from IP address.
8. Sensitive Personal Information
To the extent we collect sensitive personal information such that you may voluntarily provide, we do not use or disclose it for the purpose of inferring characteristics about you without your consent, and we use it only as reasonably necessary to provide requested products or services, protect security, comply with law, or for other purposes permitted by applicable law.
9. Data Retention
We retain personal information only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal obligations, including to provide the Services, complete transactions, maintain business and tax records, resolve disputes, enforce our agreements, and comply with applicable legal obligations.
Even after deletion requests, we may retain certain information as required for legal compliance, fraud prevention, tax reporting, or dispute resolution.
Retention periods vary based on the type of information, the context in which it was collected, the nature of our relationship with you, and our legal, operational, and compliance needs.
When we no longer need personal information for the purposes described in this Privacy Policy, we will delete it, de-identify it, or securely dispose of it, unless continued retention is required or permitted by law.
10. Security
We use reasonable administrative, technical, and physical safeguards designed to protect personal information.
No method of transmission over the internet or method of electronic storage is completely secure. Accordingly, we cannot guarantee absolute security.
You are responsible for maintaining the confidentiality of any account credentials that you use with the Services and for notifying us promptly if you believe your account has been compromised.
11. Children's Privacy
Our Services are not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13 without legally required authorization.
If we learn that we have collected personal information from a child under 13 in a manner inconsistent with applicable law, we will take appropriate steps to delete that information.
If you believe that a child may have provided personal information to us, please contact us using the information below.
12. Third-Party Sites, Platforms, and Features
Our Services may link to third-party websites, platforms, plug-ins, widgets, social media tools, or applications. We do not control those third parties and are not responsible for their privacy or security practices.
If you interact with third-party services, your information may be collected and processed by those third parties under their own terms and privacy policies.
13. International Users
ARIH is based in the United States, and your personal information may be transferred to, stored in, or processed in the United States and other countries where we or our service providers operate.
Those countries may not provide the same level of data protection as your home jurisdiction.
If we choose to offer products or services into jurisdictions with specific international transfer requirements, we may implement supplemental measures or notices as required by applicable law.
Where required, we may rely on appropriate safeguards, such as contractual protections, for cross-border data transfers.
If you access the Services from outside the United States, you acknowledge that your information may be transferred to and processed in the United States.
14. Automated Decision-Making
We do not engage in automated decision-making that produces legal or similarly significant effects without human involvement.
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other operational reasons.
When we do, we will update the Last Updated date at the top of this Privacy Policy and post the revised version through the Services.
16. Contact Us
If you have questions about this Privacy Policy or would like to submit a privacy rights request, please contact us at:
HYH America Inc. (ARIH)
3349 Michelson Dr. Suite 200
Irvine, CA 92612