Privacy Policy
1. Introduction
At GDBostan (accessible via gdbostan.com), we are committed to protecting your privacy and ensuring the security of your personal data. Our privacy-first approach is designed to safeguard your rights and freedoms under applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, use, store, and protect your information when you interact with our website, services, and communications.
2. Scope of this Policy and Data Controller
This Privacy Policy governs the processing of personal data collected through gdbostan.com, as well as any related communications and services we offer. For purposes of GDPR and other relevant data protection laws, GDBostan is the data controller of the personal data you provide to us. Our contact details are provided in Section 13 of this policy.
3. Categories of Data We Process
We collect and process the following categories of personal data:
a. Usage Data:
Information about how you access and use our website, including IP address, browser type, operating system, device identifiers, referring URLs, page views, session duration, and geolocation data (as permitted by your device settings).
b. Account Data:
Information you supply when creating an account, such as your name, physical address, email address, phone number, and other identifying information.
c. Profile Data:
Preferences, product interests, purchase history, behavioral data, and feedback you have shared with us through the use of gdbostan.com or our customer experience surveys.
d. Communication Data:
Records of your interactions with us, including customer support tickets, email correspondence, form submissions, and other engagement history.
e. Technical Data:
Device data including device model, internet connection type, system configuration, software versions, and other diagnostic technical information.
f. Transaction Data:
Details about purchases and transactions made via gdbostan.com, including billing information, delivery details, payment confirmations, and transaction IDs.
g. Preference Data:
Your preferences regarding marketing communications, notification settings, product interests, and consent status for data processing activities.
4. Legal Bases for Processing Personal Data
We process your data based on the following lawful bases:
– Legitimate Interests: To improve our website, customize experiences, prevent fraud, and maintain network and information security, when such interests are not overridden by your data protection rights.
– Contractual Necessity: To fulfill our obligations in connection with purchases, account registration, customer support, and other services you request.
– Consent: For sending marketing communications, using non-essential cookies, or processing sensitive data categories when applicable.
– Legal Obligation: To comply with applicable laws, tax regulations, court orders, or enforceable governmental requests.
5. Your Data Protection Rights
Under GDPR, CCPA, and similar frameworks, you have the following rights with respect to your personal data:
– Right of Access: Obtain details on what personal data we hold about you and why.
– Right to Rectification: Request correction of inaccurate or incomplete information.
– Right to Erasure: Request deletion of your personal data, where legally permissible.
– Right to Restrict Processing: Request temporary cessation of data processing in certain scenarios.
– Right to Data Portability: Receive your personal data in a commonly used and machine-readable format to transmit to another controller.
– Right to Object: Object to processing based on legitimate interests or direct marketing.
– Right to Withdraw Consent: Withdraw any previously given consent at any time without prejudice.
To exercise any of your rights, please contact us at [email protected].
6. Security Measures
We implement robust technical and organizational security measures to protect your personal data, including:
– End-to-end encryption of data transmissions
– Role-based access restrictions
– Secure backups and disaster recovery protocols
– Regular staff training on data privacy practices
– Monitoring of cybersecurity threats and vulnerabilities
While we employ industry standards to secure your information, we remind users that no digital platform is entirely immune from risks.
7. International Data Transfers
If you are located outside of the country from which we operate, please note that your data may be transferred to and stored on servers located outside your country of residence. When transferring personal data internationally, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses or other legally valid transfer mechanisms in accordance with GDPR and CCPA provisions.
8. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including the following timeframes:
– Usage Data: 12 months
– Account and Profile Data: Duration of account activity + 3 years
– Communication Data: 36 months post interaction
– Transaction Data: Retained for legal compliance (typically 7 years)
– Preference Data: Until consent is withdrawn or no longer necessary
Once the applicable retention period expires, your data will be securely deleted or anonymized.
9. Cookie Policy
Our website uses cookies and similar tracking technologies for the following purposes:
– Essential Cookies: Required for core website functionality such as navigation and access to secure areas.
– Functional Cookies: Enhance user experience by remembering preferences and settings.
– Analytics Cookies: Help us understand website performance and user interaction via aggregated statistics.
– Performance Cookies: Observe page load time, error rates, and other system metrics to improve functionality.
These cookies collect data that may qualify as personal data under applicable laws. We use cookies provided by third parties like Google Analytics, subject to their privacy frameworks.
10. Cookie Management and Compliance
You can manage your cookie preferences at any time through our cookie consent banner or settings panel on gdbostan.com, in compliance with GDPR and CCPA requirements for providing clear, affirmative, and revocable consent. Additionally, most browsers allow you to reject or delete cookies either universally or from specific sites.
11. Child Privacy
We do not knowingly collect personal data from children under the age of 13. If we become aware that we have inadvertently collected such information without verifiable parental consent, we will delete it promptly. Parents or guardians who believe that we have collected data from a child may contact us at [email protected].
12. Policy Updates
We reserve the right to modify this Privacy Policy to reflect changes in legal or regulatory obligations, our business practices, or technological advancements. When material changes occur, we will notify you through appropriate channels, including but not limited to website banners, email notifications, or dashboard alerts.
We encourage you to review this policy periodically to remain informed about how we protect your data.
13. Contact Us
If you have any questions, concerns, or requests regarding your privacy or this Privacy Policy, please contact our Data Protection Officer at:
Email: [email protected]
Website: https://gdbostan.com
We are committed to compliance with applicable data protection laws, and we welcome all inquiries related to your data rights and our privacy practices.