Privacy Policy for Gel2Root.com
1. Introduction – Our Commitment to Privacy
At Gel2Root.com, we are deeply committed to protecting your personal data and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit or interact with our website, gel2root.com. We recognize the importance of privacy and data protection, and we ensure that all personal data is collected and processed in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), with a strong privacy-first approach.
2. Scope of this Policy and Data Controller Responsibilities
This Privacy Policy applies to all personal information processed by Gel2Root LLC through gel2root.com, including data collected via the website, email communications, customer interactions, and affiliated services that refer to or display this Policy. For the purposes of the GDPR, Gel2Root LLC, with contact address [email protected], is the Data Controller responsible for the processing of your personal data as described herein.
3. Categories of Personal Data We Collect
We collect and process various types of personal data depending on your interaction with our website and services:
a) Usage Data: Includes information on how you use our website, such as IP address, browser type, browsing patterns, access times, referring website addresses, and user activity.
b) Account Data: Includes details required to create and manage your account, such as name, email address, postal address, phone number, and login credentials.
c) Profile Data: Includes your preferences, purchase history, behavior patterns, selected products, and settings tailored to your use of gel2root.com.
d) Communication Data: Includes records of inquiries, support tickets, customer service communications, and messages submitted through our contact forms.
e) Technical Data: Includes details about your device type, operating system, browser types and versions, language preferences, and system configurations.
f) Transaction Data: Includes order details, payment method used, billing and shipping information, and related transactional data securely processed through our payment providers.
g) Preference Data: Includes your consent settings for marketing communications, your promotional preferences, and data on potential product or service interests.
4. Lawful Bases for Processing Personal Data
Under GDPR, we rely on a variety of lawful bases to collect and use your personal data, including:
– Contractual Necessity: To provide products or services you request.
– Consent: For optional data uses such as direct marketing or cookie enhancements.
– Legitimate Interest: For activities such as improving the website experience or fraud prevention, balanced with your privacy rights.
– Legal Obligation: To comply with laws or respond to lawful government requests.
Your consent is obtained explicitly where required, and you retain the right to withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal.
5. Your Data Protection Rights
As a data subject, you have the following rights regarding your personal data:
– Right of Access: You may request access to your personal data held by us.
– Right to Rectification: You have the right to obtain correction of inaccurate or incomplete data.
– Right to Erasure: You may request deletion of your data in certain circumstances.
– Right to Restrict Processing: You can request limited use of your data under prescribed conditions.
– Right to Data Portability: You have the right to obtain and reuse your data across services, where applicable.
– Right to Object: You may object to data processing based on legitimate interests or direct marketing.
To exercise any of these rights, please contact us at [email protected]. We will respond in accordance with applicable data protection laws.
6. Data Security Measures
We implement comprehensive security measures to protect your data, including:
– Data encryption during transmission using SSL/TLS protocols.
– Role-based access controls to limit internal access.
– Secure server infrastructure and real-time system monitoring.
– Regular backups and disaster recovery processes.
– Employee training in data privacy and internal information security policies.
7. International Data Transfers
Where we transfer personal data outside of the European Economic Area (EEA) or other regions with robust data protection frameworks, we do so under legally recognized mechanisms such as the European Commission’s Standard Contractual Clauses or equivalent adequacy safeguards, ensuring your data is afforded the same level of protection required by GDPR standards.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, and reporting requirements. Specifically:
– Account, Profile, and Transaction Data: Retained for up to 7 years after account closure or last activity.
– Communication and Support Data: Retained for up to 3 years from last interaction.
– Technical and Usage Data: Retained no longer than 2 years for analytics and performance diagnostics.
– Marketing Preferences: Retained until consent is withdrawn or data is deemed inactive.
After these periods, data is either securely deleted, anonymized, or restricted from further processing.
9. Cookie Policy
Gel2Root.com uses cookies to optimize user experience. The types of cookies used include:
– Essential Cookies: Necessary for the website’s core functionality and user authentication.
– Functional Cookies: Enhance usability, such as saving preferences or login sessions.
– Performance Cookies: Monitor website performance through aggregate usage statistics.
– Analytics Cookies: Help us understand how users interact with our site and identify areas for improvement, including tracking traffic sources, device statistics, and site navigation paths.
10. Cookie Management and Regulatory Compliance
Upon your first visit to gel2root.com, we present a clear cookie consent banner. You may choose to accept all cookies, reject non-essential cookies, or manage preferences granularly. You can also update your preferences or withdraw consent at any time via our website’s cookie management settings or through your browser settings.
In accordance with GDPR and CCPA, we respect and honor “Do Not Track” signals and ensure that we collect only the data necessary for functionality unless you have expressly provided consent for further use.
11. Children’s Privacy
Our website and services are not directed toward children under the age of 13, and we do not knowingly collect personal data from minors. If we become aware that a child under 13 has provided personal information without verifiable parental consent, we will take immediate steps to delete such data. Parents or guardians who believe their child may have interacted with our service should contact [email protected].
12. Changes to This Privacy Policy
We reserve the right to update this Privacy Policy from time to time to reflect changes in our operations, legal obligations, technologies, or relevant regulations. Where required by law, we will notify you of such changes, and continued use of gel2root.com after revisions have been made constitutes your acceptance of the updated terms.
13. Contacting Us
If you have any questions, concerns, or requests regarding this Privacy Policy or the manner in which your personal data is handled, please contact us at:
Email: [email protected]
We take privacy and data protection seriously, and we encourage users to reach out with questions, rights requests, or concerns regarding our data practices.
—
We are fully committed to ensuring compliance with international data protection standards, including GDPR and CCPA. Your trust is essential to us, and we welcome any inquiries regarding your privacy and data rights at [email protected].