Privacy Policy for Pre-Photo.com
At Pre-Photo.com (“we,” “our,” or “us”), we are committed to respecting and protecting your privacy and the personal data you entrust to us. This Privacy Policy outlines how we collect, process, store, disclose, and protect your information in full compliance with applicable privacy and data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
We prioritize your right to transparency and data control, and we encourage you to read this policy carefully to understand our practices and your rights.
1. Scope of the Policy and Data Controller Role
This Privacy Policy applies to all visitors, users, account holders, and customers who interact with our website, located at Pre-Photo.com (the “Website”). Pre-Photo.com acts as the Data Controller for the personal data collected and processed through the Website. If you have any questions regarding this Policy or your data, please contact us at [email protected].
2. Categories of Data We Process
We collect various types of personal information based on your interactions with our Website or services:
a) Usage Data:
We collect information about your use of our Website, including IP address, browser type, browser version, pages visited, time spent on pages, referring URLs, and device event information. This includes server log data, session identifiers, and geographic location (city-level approximation).
b) Account Data:
If you create an account, we may collect and store your name, email address, mailing address, phone number, and login credentials.
c) Profile Data:
We collect information on your preferences, past purchases, interactions on the Website, and behavior. This may also include saved wishlist items, product reviews, or personalized settings.
d) Communication Data:
We record your communications with us, such as emails, customer support inquiries, form submissions, and chat interactions. This helps improve customer service and maintain accurate records.
e) Technical Data:
Information collected includes your device type, network connection, operating system, language settings, time zone, installed fonts, screen resolution, and browser plug-in types and versions.
f) Transaction Data:
We store payment details (only through secure third-party providers), order history, billing and shipping addresses, and delivery tracking data.
g) Preference Data:
This includes marketing preferences, newsletter opt-ins, cookie consent choices, and indicated product interest categories.
3. Legal Bases for Processing
We process your personal data lawfully under several legal bases as provided by applicable law, namely:
– Contractual Necessity: To fulfill a contract (e.g., to provide products or services you request).
– Legitimate Interest: To improve user experience, analyze website functionality, prevent fraud, and develop business strategies.
– Consent: In cases where we require your explicit approval (e.g., for marketing or analytics cookies).
– Legal Obligation: Where processing is required to comply with applicable law or regulatory obligations.
4. Your Rights Under GDPR and CCPA
You have the right to control and understand how your data is used. Subject to applicable laws, you may:
– Access: Request access to the personal data we hold about you.
– Rectify: Request correction of inaccurate or incomplete data.
– Erase: Request deletion of your personal data (“right to be forgotten”).
– Restrict: Request us to suspend processing your data in certain circumstances.
– Portability: Request transfer of your data to a third party in a machine-readable format.
– Object: Opt out of data processing based on legitimate interest or for direct marketing.
– Do Not Sell My Personal Information: Under CCPA, California residents can request that we not “sell” their personal data as defined by the law.
To exercise any of the above rights, please contact us at [email protected]. We may need to verify your identity before processing your request.
5. Security Measures
We are committed to ensuring the security of your personal data. To prevent unauthorized access, use, or disclosure, we implement industry-standard security practices, including:
– End-to-end encryption for data in transit and encryption-at-rest methods.
– Multi-factor access controls and role-based permissions for internal users.
– Regular system audits, access logging, and intrusion detection mechanisms.
– Regular training for staff on data protection and privacy obligations.
– Scheduled backups and disaster recovery protocols.
6. International Data Transfers
We may transfer your information to jurisdictions outside your country, including to servers or trusted partners in other regions. Where such transfers occur, we rely on:
– Standard Contractual Clauses (SCCs) approved by the European Commission.
– Adequacy decisions by relevant regulatory authorities.
– Other legally sanctioned transfer mechanisms that ensure a level of protection equivalent to that in your jurisdiction.
7. Data Retention
We retain your personal data only as long as necessary to fulfill the purposes for which it was collected or to comply with legal, accounting, or regulatory obligations. Retention periods vary per data category:
– Usage Data: 12 months
– Account Data: Retained as long as your account remains active, and for up to 6 years following account closure.
– Profile and Preference Data: 24 months unless updated or deleted.
– Communication Data: 3 years from last interaction.
– Technical Data: 12 months
– Transaction Data: 7 years to meet tax and audit obligations.
After these periods, your data is securely deleted or anonymized.
8. Cookie Policy
We use cookies and similar tracking technologies to enhance your experience and analyze Website usage. Our cookies fall into the following categories:
– Essential Cookies: Necessary for basic Website functionality (e.g., login, navigation).
– Functional Cookies: Remember choices and settings (e.g., language preferences).
– Analytics Cookies: Collect aggregated data for usage and performance reporting (e.g., page visits, bounce rate).
– Performance/Advertising Cookies: Track user behavior to deliver personalized ads and content (only after explicit consent).
We honor browser “Do Not Track” signals where technologically feasible.
9. Cookie Management & Compliance
Under GDPR and CCPA, you have the right to control the use of cookies. When you first visit Pre-Photo.com, a cookie banner will allow you to:
– Accept all cookies
– Reject non-essential cookies
– Customize preferences
You may also manage cookie settings through your browser at any time or revisit our cookie banner via the footer link on the Website.
10. Data Concerning Children Under 13
We do not knowingly collect or process personal information from children under the age of 13. If we become aware that a child has provided us with personal data without verified parental consent, we will take immediate steps to delete the information. Parents or legal guardians with concerns should contact us at [email protected].
11. Policy Updates
This Privacy Policy may be updated periodically to reflect changes in technology, legal requirements, or our operations. Any material changes will be posted prominently on Pre-Photo.com. We encourage you to check this page regularly to stay informed about our data practices.
12. Contact Us
If you have any questions, concerns, or complaints regarding our privacy practices or wish to exercise your privacy rights, you may contact us using the following information:
Email: [email protected]
We are dedicated to maintaining full compliance with all applicable laws and delivering a secure, privacy-conscious experience to every user of Pre-Photo.com. If you have concerns, we welcome your inquiries and will endeavor to address them promptly and transparently.