Privacy Policy for Gel2Root.com
1. Introduction
At Gel2Root.com (“we”, “our”, “us”), we are deeply committed to safeguarding your privacy and protecting your personal data. We recognize the significance of maintaining the confidentiality, integrity, and security of the information you entrust to us. This Privacy Policy outlines our approach to handling your personal information in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant global frameworks. Our goal is to provide transparency and assure you of our privacy-first principles in every interaction with our website.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to the collection, use, disclosure, and retention of personal data when you access or interact with Gel2Root.com, including but not limited to browsing the website, submitting information through contact forms, registering an account, or making a transaction.
Gel2Root.com operates as the data controller for the purposes of the GDPR when determining the purposes and means of processing personal data. If you are a California resident, Gel2Root.com is also the “business” as defined under the CCPA.
3. Categories of Data Processed
We collect and process the following categories of personal data:
a. Usage Data
Includes information such as your IP address, browser type, geographic location, access times, pages viewed, referring URLs, and how you interact with the content of Gel2Root.com.
b. Account Data
Consists of details you provide when registering or managing an account on our website, such as your full name, shipping and billing addresses, email address, and phone number.
c. Profile Data
Encompasses your preferences, purchase history, saved items or wish lists, product interests, and browsing behavior linked to your user profile.
d. Communication Data
Includes any communication you initiate with us, such as customer support inquiries, complaints, or feedback, and may contain message content, timestamps, and contact history.
e. Technical Data
Covers information gathered from the device you use to access the website, such as device type, operating system, hardware model, browser settings, and network information.
f. Transaction Data
Comprises payment details (processed securely via third-party providers), order histories, delivery address, and related fulfillment details associated with purchases made on Gel2Root.com.
g. Preference Data
Pertains to your communication preferences, such as whether you elect to receive marketing emails, opt-in consents, and data related to advertising choices and interests.
4. Legal Bases for Processing
We rely on the following legal bases for processing your personal data:
– Consent: Where you have given explicit consent for the processing of your data, such as subscribing to newsletters or receiving marketing updates.
– Contractual Necessity: When processing is required in order to fulfill a contract with you, such as processing payments or delivering products you ordered.
– Legitimate Interests: For purposes such as enhancing user experience, improving the performance of the website, fraud detection, and communicating with you regarding relevant services, where such interests are not overridden by your fundamental rights and freedoms.
– Legal Obligation: When necessary to comply with applicable statutory or regulatory requirements.
5. Your Rights
Subject to limitations and conditions defined by applicable laws, you have the following rights concerning your personal data:
– Right of Access: Obtain confirmation of whether we process your data and gain access to that data.
– Right to Rectification: Request corrections to inaccuracies or incomplete information.
– Right to Erasure (“Right to Be Forgotten”): Request deletion of your data under certain conditions.
– Right to Restrict Processing: Limit the way we use your data, in specific circumstances.
– Right to Data Portability: Receive your personal data in a structured, commonly used, and machine-readable format and/or have it transmitted to another data controller.
– Right to Object: Object to our processing based on legitimate interests or direct marketing.
– Rights under CCPA: California residents have the right to know what personal data is collected, request deletion, opt-out of sale (if applicable), and be free from discrimination for exercising these rights.
To exercise any of these rights, contact us at [email protected].
6. Security Measures
We employ robust administrative, technical, and physical measures to protect your personal information including:
– Data encryption in transit and at rest
– Role-based access controls to restrict internal data access
– Secure storage and data backup protocols
– Regular staff training on data security and privacy best practices
– Monitoring systems to detect, respond, and recover from data breaches
Despite these safeguards, no online transmission or storage system is completely secure. You are encouraged to take appropriate personal measures to protect your account credentials and devices.
7. International Transfers
Information collected by Gel2Root.com may be transferred to and processed in countries outside of your jurisdiction, including regions that may not provide the same level of data protection. In such cases, we implement appropriate safeguards, such as the European Commission’s standard contractual clauses (SCCs), and abide by legal frameworks for international data transfers.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or to comply with legal, regulatory, or contractual obligations. Examples of retention periods include:
– Account Data & Profile Data: Retained for as long as your account remains active.
– Transaction Data: Retained for seven (7) years for internal records and compliance with tax regulations.
– Communication Data: Retained for up to three (3) years from the date of last correspondence.
– Marketing Preferences: Maintained unless you withdraw your consent or opt out.
9. Cookie Policy
Gel2Root.com uses cookies and similar tracking technologies to enhance user experience, analyze website performance, and deliver personalized content. Categories of cookies we use include:
– Essential Cookies: Necessary for website functionality and secure access to basic features.
– Functional Cookies: Enable enhanced features like remembering your preferences.
– Analytics Cookies: Collect anonymized data on user interactions and website usage.
– Performance Cookies: Help us understand how users respond to content so we can improve functionality and speed.
10. Cookie Management and Compliance
You may control the setting of cookies via our cookie consent banner provided upon your first visit to Gel2Root.com. Visitors can also clear or block cookies via their browser settings.
In compliance with GDPR, we do not store cookies (except strictly necessary ones) without user consent. Under the CCPA, we honor Do Not Track (DNT) signals and provide transparency in cookies that involve the sale or sharing of personal data (note: we do not sell your personal data).
11. Protection for Children Under 13
Gel2Root.com is not directed at children under the age of 13. We do not knowingly collect personal data from individuals in this age group. If we become aware that we have inadvertently gathered data from a child under 13 without verified parental consent, we will take immediate steps to delete such information.
12. Updates to This Policy
We may update this Privacy Policy from time to time as necessary to reflect changes in operational or legal requirements. Material changes will be communicated through prominent notices on Gel2Root.com or via direct email communication when appropriate. Continued use of the website following any changes constitutes acceptance of those changes.
13. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please contact us at:
Email: [email protected]
We are committed to resolving all privacy-related concerns in a timely and transparent manner.
This Privacy Policy demonstrates our compliance with data protection laws and our unwavering commitment to your privacy. We encourage all users to review this policy carefully and reach out with any questions regarding your personal data.