Privacy Policy for Baroptic
At Baroptic.com, we are committed to protecting your personal data and safeguarding your privacy. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We prioritize transparency and accountability in all our data processing activities to ensure that your privacy rights are respected at all times.
1. Scope and Data Controller
This Privacy Policy applies to personal data collected through your use of our website, baroptic.com, and any related services, products, or communications offered through the site. Baroptic.com is the data controller for the purposes of GDPR and responsible for determining the purposes and means of processing your personal data.
For inquiries regarding the processing of your personal data, you may contact us at [email protected].
2. Categories of Personal Data Processed
We collect and process the following categories of personal data to operate baroptic.com and provide you with our services:
Usage Data:
Includes data such as your browser type, IP address, time zone, location data, referral URLs, session duration, and pages visited on baroptic.com.
Account Data:
Personal identifiers such as your name, billing/shipping address, email address, and phone number provided during user registration or checkout processes.
Profile Data:
Data associated with your preferences, account settings, past purchases, product reviews, login history, and interaction patterns with our services.
Communication Data:
We retain records of queries you submit through contact forms, customer support requests, email communication, and any other correspondence for service and quality purposes.
Technical Data:
Comprises technical identifiers including device model, operating system, browser plugins, network identifiers, and configuration settings as collected by cookies or other diagnostic tools.
Transaction Data:
Includes purchase history, payment confirmations, order details, delivery tracking, and invoicing records necessary for contract fulfillment and accounting obligations.
Preference Data:
Covers your selections for marketing communications, language preferences, product categories of interest, and cookie consent choices.
3. Legal Bases for Processing
We process personal data for one or more of the following lawful bases under GDPR and CCPA:
– Consent: When you have given clear permission for us to process your personal data for a specific purpose (e.g., newsletter subscriptions, marketing).
– Contractual Necessity: When processing is necessary to perform a contract with you or take steps at your request prior to entering into a contract (e.g., fulfilling orders).
– Legal Obligation: Where we are required to process data to comply with legal or regulatory requirements (e.g., tax and consumer protection laws).
– Legitimate Interests: For purposes of improving our services, preventing fraud, ensuring network and information security, and delivering relevant content, unless those interests are overridden by your rights or interests.
4. Your Rights
Under applicable data protection laws, you have the following rights concerning your personal data:
– Right of Access: You may request confirmation as to whether or not we process your personal data and obtain a copy of such data.
– Right to Rectification: You are entitled to request correction of inaccurate or incomplete personal information we may hold.
– Right to Erasure: Also known as the “right to be forgotten,” you may request deletion of your personal data under certain legal conditions.
– Right to Restrict Processing: You may ask us to limit the use of your personal data where you dispute its accuracy, object to processing, or require it for legal claims.
– Right to Data Portability: You may request your personal data be provided in a structured, commonly used, and machine-readable format to transfer to another controller.
You may exercise these rights by contacting us at [email protected]. We may require verification before processing your request.
5. Security Measures
We implement appropriate technical and organizational security measures to safeguard your personal information against unauthorized access, disclosure, alteration, and destruction. These measures include but are not limited to:
– Data encryption in transit and at rest
– Access control and role-based authorization
– Regular backup procedures and disaster recovery planning
– Employee training on information security and data protection
6. International Transfers
As Baroptic.com may utilize service providers or partners located outside the European Economic Area (EEA), we ensure that all international data transfers comply with applicable data protection obligations. Where necessary, such transfers are governed by standard contractual clauses approved by the European Commission or equivalent data transfer mechanisms under relevant law.
7. Data Retention
We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by applicable legal, regulatory, tax, or accounting obligations. Retention periods include:
– Account Data: Retained for the duration of your account and up to 6 years thereafter.
– Transaction Data: Retained for 7 years to comply with legal accounting obligations.
– Usage, Technical, and Profile Data: Typically retained for 24 months unless anonymized.
– Communication Data: Retained for up to 36 months following resolution.
– Preference Data: Retained until updated or revoked.
8. Cookie Policy
Baroptic.com uses cookies and similar technologies for the following purposes:
Essential Cookies: Required for website functionality, such as enabling secure login and order processing.
Functional Cookies: Enhance user experience by remembering language choices, currency settings, and customized preferences.
Analytics Cookies: Help measure website traffic and user interaction via tools such as Google Analytics; used to optimize performance.
Performance Cookies: Monitor server load, uptime, and response times to maintain a consistent user experience.
We do not place non-essential cookies without user consent, in accordance with GDPR and CCPA requirements.
9. Cookie Management and Compliance
At your first visit, you are presented with a cookie banner allowing you to manage your cookie preferences. You may also configure your browser to delete or block cookies. Please note that disabling some cookies may impact the website’s functionality.
California residents may opt out of the sale or sharing of personal information, and European residents may withdraw consent at any time using our cookie management interface.
10. Children’s Privacy
Baroptic.com does not knowingly collect or solicit personal information from children under the age of 13. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at [email protected], and we will take steps to remove the information promptly.
11. Updates to This Policy
We may update this Privacy Policy to reflect changes in legal requirements, technology, or our business operations. Updates will be posted on baroptic.com, and where we implement significant changes, we will provide additional notice via email or on-site banners.
12. Contact Information
For all inquiries related to this Privacy Policy, to exercise your rights, or to raise concerns about data privacy, please contact us at:
Email: [email protected]
13. Compliance Statement
Baroptic.com is committed to compliance with all applicable data protection laws, including GDPR and CCPA. If you have concerns regarding your personal data or this Policy, please reach out, and we will respond promptly and clearly.