Privacy Policy for gdbostan.com
1. Introduction
At gdbostan.com (“we,” “us,” “our”), we are strongly committed to respecting and protecting the privacy and personal data of our users (“you,” “your”). This Privacy Policy outlines how we collect, use, store, protect, and share personal information in accordance with the European Union General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable privacy laws. We take a privacy-first approach, ensuring our processes reflect transparency, control, and accountability.
Your trust is important to us, and we take our responsibility to protect your data seriously.
2. Scope of the Policy & Data Controller Role
This Privacy Policy applies to all users of gdbostan.com and to all personal data collected when you interact with the website or communicate with us via email at [email protected]. gdbostan.com, as the data controller, is responsible for determining the purposes and means of processing your personal data.
This policy covers how data is processed through your interactions with gdbostan.com, including through browsing, account creation, purchasing, and customer support.
3. Categories of Personal Data Processed
We may collect and process the following categories of personal data where appropriate:
a. Usage Data
Collected automatically during your visit to gdbostan.com. Includes browser type, IP address, device identifiers, time zone, access times, referring URLs, and pages viewed. Collected through server logs and cookies.
b. Account Data
Collected during account registration or checkout. Includes full name, billing and shipping addresses, email address, and phone number.
c. Profile Data
Generated based on your interactions and preferences. Includes purchase history, saved items, behavioral data, and user settings.
d. Communication Data
Collected when you communicate with us via contact forms, email, or support channels. Includes messaging content, support tickets, and correspondence history.
e. Technical Data
Collected through automated systems. Includes device identifiers, operating system, browser configuration, internet service provider, and certain diagnostics.
f. Transaction Data
Collected during purchases or financial transactions. Includes payment details (partially anonymized as required), order details, delivery instructions, invoicing data, and fulfillment status.
g. Preference Data
Collected based on your interaction with consent banners or profile settings. Includes marketing consents, product interest selections, and newsletter subscription status.
4. Legal Bases for Processing
We collect and process your personal data only where we have a lawful basis under applicable laws, including:
– Consent: When you provide explicit permission (e.g., marketing emails).
– Contractual Necessity: To perform obligations under a contract with you (e.g., order fulfillment).
– Legitimate Interests: To operate and improve gdbostan.com (e.g., analytics), where such interests are not outweighed by your rights.
– Legal Obligation: To comply with applicable laws or regulatory requirements.
5. Your Rights
You retain the following rights in respect to your personal data, subject to verification and limitations permitted by law:
– Right to Access: You may request a copy of the personal data we hold.
– Right to Rectification: You can request correction of inaccurate or incomplete personal data.
– Right to Erasure: You may request deletion of your personal data under certain circumstances.
– Right to Restriction: You have the right to restrict processing if you contest data accuracy or the legality of our processing.
– Right to Data Portability: You may request your personal data in a structured, machine-readable format for transfer to another data controller.
To exercise these rights, please contact us at [email protected].
6. Security Measures
We employ comprehensive technical and organizational measures to protect your data, including but not limited to:
– SSL/TLS encryption for all data transfers
– Role-based access control
– Secure backup and recovery mechanisms
– Endpoint security solutions
– Internal staff training on data protection and privacy
While we implement robust measures, no system is completely secure. We advise users to take personal precautions in safeguarding account access.
7. International Data Transfers
Where your data is transferred outside the European Economic Area (EEA) or California, we ensure such transfers are conducted in compliance with applicable laws. This includes the use of Standard Contractual Clauses adopted by the European Commission, and efforts to assess the security and legal frameworks of recipient jurisdictions.
Where necessary for service provision, your data may be securely transferred to vendors or affiliates in countries with differing legal standards. In all cases, your information is protected by enforceable and lawful safeguards.
8. Data Retention
We retain your personal data only for as long as necessary for the purposes outlined in this Privacy Policy or as required by law. Retention periods by category are as follows:
– Account Data: Retained for the life of the account and six months beyond deactivation.
– Transaction Data: Retained for tax and audit compliance for a minimum of 7 years.
– Communication Data: Retained for 36 months following last contact.
– Usage, Profile, and Preference Data: Retained for 24 months unless extended for legitimate analytics purposes.
– Technical Data: Retained for 12 months, unless part of security logs which may be retained longer where required.
9. Cookie Policy
gdbostan.com uses cookies and similar tracking technologies for various purposes:
– Essential Cookies: Necessary for site functionality, login, security, and purchases.
– Functional Cookies: Enable enhanced features and personalization.
– Analytics Cookies: Help measure site traffic, usage patterns, and performance.
– Performance Cookies: Improve loading speeds and UX consistency.
These cookies are either set directly by us or by our trusted third-party service providers.
10. Cookie Management and Compliance
On your first visit to gdbostan.com, you will be presented with a cookie consent banner enabling you to accept or manage your preferences. At any time, you may adjust your settings or revoke consent via the “Cookie Settings” link typically located in the site footer.
We implement cookie consent mechanisms in compliance with GDPR and provide a “Do Not Sell or Share My Personal Information” link in accordance with the CCPA.
11. Children’s Data
gdbostan.com does not knowingly collect or solicit personal data from children under the age of 13. If we learn that personal information from a child under 13 has been collected, we will delete it as quickly as possible.
If you believe that a child under 13 has provided us with personal data, please contact us at [email protected].
12. Policy Updates
We may revise this Privacy Policy from time to time, and any changes will be reflected on this page. When updates are significant, we will take reasonable steps to notify registered users and obtain updated consents where legally required.
Your continued use of gdbostan.com constitutes your understanding and acceptance of the current Privacy Policy.
13. Contact
If you have any questions, concerns, or requests related to this Privacy Policy or the handling of your personal data, please contact us at:
Email: [email protected]
We are committed to complying fully with applicable data protection regulations, and to resolving any concerns quickly and transparently.