EN
EN English DE Deutsch FR Français ES Español
Book a call
Privacy Policy

How Mega Step handles business and inspection data.

This Privacy Policy explains how Mega Step (HK) Ltd. collects, uses, shares and protects personal data in connection with our website, customer communication, inspection services, audits, sample handling, laboratory coordination and digital reporting workflows.

Last updated: 8 June 2026

1. Who is responsible for your data

The data controller is Mega Step (HK) Ltd., Room D, 7/F, Hollywood Centre, 77-91 Queen's Road West, Sheung Wan, Hong Kong. For operational service delivery, Mega Step may also act as a processor where a customer provides inspection, supplier, product or report data and instructs Mega Step how that data should be handled.

2. Data we may collect

Mega Step collects only the information reasonably needed to communicate, quote, plan, perform, document and invoice our services. Depending on the service, this may include:

  • Business contact details such as name, company, job title, email address, booking details and communication history.
  • Customer account and order information such as quotation requests, purchase order references, supplier contacts, factory access details, service dates and invoice details.
  • Inspection and audit materials such as product descriptions, specifications, checklists, AQL settings, packing information, photographs, videos, measurements, defect notes, test documents and report comments.
  • Supplier, factory and logistics information provided by customers or collected during service performance.
  • Technical website data such as IP address, browser type, device information, approximate location, referral URL and basic analytics events.

3. How we collect data

We collect data directly from customers and business contacts, through booking and inspection request channels, during email or messaging communication, from suppliers or factories when they support a service, from inspection activity on site, and from service tools used to prepare, store or deliver reports.

This website does not operate a custom contact form backend in v1. External channels such as booking links, request forms and digital reporting tools may have their own privacy notices.

4. Why we use data

Mega Step uses personal data for legitimate business purposes, contract performance, legal obligations and consent-based activities where required. The main purposes are:

  • Responding to enquiries, preparing quotations and managing customer communication.
  • Planning and performing inspections, factory audits, sample checks, loading checks, sourcing support and laboratory coordination.
  • Creating evidence-based reports, including Qarma online inspection reports where agreed with the customer.
  • Managing follow-up actions, CAPA points, supplier communication and customer visibility.
  • Operating, securing and improving our website, systems, quality workflows and internal administration.
  • Meeting accounting, tax, compliance, dispute handling, anti-fraud and legal requirements.

5. Inspection reports and product evidence

Inspection reports may include product photos, packing photos, label photos, checklist answers, defect classifications, measurements, comments and related order information. Mega Step treats these materials as service records and customer-confidential information. Public website examples are anonymized and should not include real customer names, supplier names, product identifiers or SKU references.

6. Sharing data with service partners

Mega Step may share data with inspectors, auditors, employees, connected inspection partners, laboratories, IT and hosting providers, reporting systems, accounting providers, legal advisers and other service providers where this is necessary for the requested service or for business administration.

Mega Step does not sell personal data. Service providers are expected to handle data only for the relevant service purpose and with appropriate confidentiality and security controls.

7. International transfers

Mega Step works from Hong Kong and China and may support customers, factories, laboratories and partners in other Asian locations. Data may therefore be processed in Hong Kong, Mainland China, Taiwan or other relevant jurisdictions depending on the service location, customer location, reporting platform and service partners involved.

Where cross-border transfer safeguards are required, Mega Step uses contractual, operational and access-control measures appropriate to the service and the data involved.

8. Security

Mega Step applies practical security measures designed for business inspection workflows, including limited access, account-based systems, confidentiality controls, secure communication practices and internal procedures for report materials. No online or email transmission can be guaranteed to be completely secure, so customers should avoid sending unnecessary personal or sensitive data.

9. Retention

Mega Step keeps personal data and service records only for as long as reasonably necessary for the purposes described in this Privacy Policy, including customer support, report traceability, accounting, legal compliance, claim handling and service quality review. Retention periods may vary by data category, customer instruction, contractual requirement and applicable law.

10. Cookies and analytics

The Mega Step website may use essential cookies or similar technologies needed for page delivery, security and basic website operation. If analytics or marketing cookies are added later, the website should describe them clearly and, where required, request consent before they are used.

11. Your rights

Depending on the applicable law and your relationship with Mega Step, you may have the right to request access, correction, deletion, restriction, objection, portability or withdrawal of consent. Some rights may be limited where Mega Step must keep records for contract, legal, accounting, dispute or compliance reasons.

12. Children's data

Mega Step provides business-to-business inspection and quality control services. Our website and services are not directed to children, and we do not knowingly collect children's personal data through this website.

13. Updates to this policy

Mega Step may update this Privacy Policy when services, systems, legal requirements or data handling practices change. The current version is published on this website with the last updated date above.

14. Contact

For privacy questions, report data requests or correction requests, please contact Mega Step (HK) Ltd. through the inspection request or booking channels published on this website.