Privacy Policy for Pre-Photo.com
1. Introduction
At Pre-Photo.com (“we,” “us,” or “our”), we are committed to safeguarding the privacy and personal data of our users, customers, and visitors. Upholding the highest standards of data protection is central to how we operate. This Privacy Policy outlines how we process, protect, and respect your personal information in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable privacy laws.
We prioritize privacy by design and default, ensuring transparency in how and why we handle your data. We encourage you to read this Policy carefully to understand your rights and our responsibilities regarding your personal data.
2. Scope and Data Controller
This Privacy Policy applies to information we collect from users and visitors through our website at pre-photo.com, as well as through associated services, platforms, and communications. For the purposes of the GDPR, Pre-Photo.com is the data controller responsible for the processing of your personal data.
If you reside in California or jurisdictions with similar laws, our processing activities are also governed by those applicable legal provisions.
3. Categories of Data Processed
We collect and process the following categories of personal data, according to your interactions with our services:
• Usage Data: Includes information like your IP address, browser type, time zone, location, access times, visited pages, and device identifiers. This data is collected when you interact with pre-photo.com for purposes such as analytics and service optimization.
• Account Data: Includes your name, email address, postal address, phone number, user ID, and login credentials when you create an account or register for our services.
• Profile Data: Includes your purchase history, saved items, wishlist preferences, site behavior, and other profile information you may submit.
• Communication Data: Includes your messages sent to our support or contact forms, inquiry emails, chat logs, and other correspondence history, including metadata.
• Technical Data: Includes device type, operating system, browser configuration, plug-in types, internet service provider, and other diagnostics captured to maintain service performance and troubleshoot issues.
• Transaction Data: Includes payment method (e.g., last 4 digits of a credit card), billing address, shipping address, transaction history, order fulfillment details, and invoicing records.
• Preference Data: Includes records of your marketing communication preferences, product interest indicators, survey responses, and consent choices related to promotional materials.
4. Legal Bases for Processing
We rely on the following lawful bases to process your personal data:
• Consent: Where applicable, we obtain your clear consent prior to processing your data for specific purposes, such as receiving marketing emails or deploying cookies that are not strictly necessary.
• Contract Performance: We process your information when it is necessary to fulfill our contractual obligations, including delivering goods or services you request.
• Legitimate Interests: We process your data as required to pursue our legitimate interests, including improving website functionality, responding to inquiries, detecting fraud, and maintaining service integrity — provided such interests are not overridden by your data protection rights.
• Legal Obligations: We may process your data when necessary to comply with legal duties, such as tax reporting, enforcement actions, or court mandates.
5. Your Rights
As a user, you have specific rights under applicable data protection laws. These include:
• Right of Access: You have the right to request access to the personal data we hold about you.
• Right to Rectification: You can request that inaccurate or outdated information about you be corrected.
• Right to Erasure: You may request deletion of your personal data, subject to certain legal exceptions.
• Right to Restrict Processing: You may ask us to temporarily restrict the processing of your personal data under certain circumstances.
• Right to Data Portability: You can request that we provide your personal data in a structured, commonly used, and machine-readable format for transfer to another service provider.
• Right to Object: You have the right to object to processing carried out based on legitimate interests or for direct marketing purposes.
To exercise any of these rights, please contact us at [email protected]. We will respond to your request in accordance with applicable law.
6. Security Measures
We implement technical and organizational safeguards to ensure the confidentiality, integrity, and availability of your personal data:
• Data Encryption: Both at rest and in transit, your data is encrypted using industry-standard protocols.
• Access Controls: Only authorized personnel have access to systems holding your data, with strict role-based permissions.
• Secure Infrastructure: We maintain secure servers and firewalls to prevent unauthorized access.
• Regular Backups: Data backups are performed regularly to prevent loss or data corruption.
• Staff Awareness: Employees undergo continuous privacy and security training to ensure compliance with best practices.
7. International Data Transfers
Where your data is transferred outside of the European Economic Area (EEA) or your home jurisdiction, we ensure adequate protection through:
• Standard Contractual Clauses approved by the European Commission,
• Certification mechanisms or legally recognized adequacy decisions,
• Supplementary safeguards as needed to ensure consistent protection level.
8. Data Retention
We retain your personal data only as long as necessary for the purpose for which it was collected, including:
• Usage Data: Retained for up to 12 months for analytical purposes.
• Account Data: Maintained as long as your account remains active. Upon deactivation, retained for up to 6 years for legal compliance.
• Profile Data: Retained for the duration of your account activities or until you request deletion.
• Communication Data: Retained for a period of 3 years following the last interaction.
• Technical Data: Retained for up to 12 months for troubleshooting and diagnostics.
• Transaction Data: Maintained for up to 7 years for financial, tax, and audit compliance.
• Preference Data: Retained until you withdraw consent or change settings.
Data no longer necessary is securely deleted or anonymized.
9. Cookie Policy
Our website uses cookies and similar tracking technologies to enhance user experience. These include:
• Essential Cookies: Necessary for website operation, account login, and core functionality.
• Functional Cookies: Enable personalization and preferences such as language selection or product filters.
• Analytics Cookies: Collect anonymized data to measure website traffic and performance (e.g., Google Analytics).
• Performance Cookies: Help us understand how the site is used and improve user experience accordingly.
You can learn more about the specific types of cookies used and their purposes in our Cookie Notice, accessible from the website footer.
10. Cookie Management and Compliance
In accordance with GDPR and CCPA:
• Consent will be obtained for non-essential cookies through a cookie banner on first visit.
• You may withdraw consent or manage cookie preferences at any time via our “Cookie Settings” page on pre-photo.com.
• California residents may also opt out of “sale” or “sharing” of personal data through a dedicated “Do Not Sell or Share My Information” link.
11. Children’s Privacy
Pre-Photo.com’s services are not directed to or intended for use by children under the age of 13. We do not knowingly collect or process personal data of children without verified parental consent.
If we become aware of unintended data collection from a child under 13, we will take swift steps to delete the information. Parents or guardians may contact [email protected] to request removal of their child’s data.
12. Changes to This Policy
We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices or legal requirements. When we do so, we will provide appropriate notice and, where required by law, seek your consent for material changes.
13. Contact Us
If you have questions, concerns, or requests related to this Privacy Policy or your personal data, please contact us at:
We are committed to handling all inquiries with diligence and in full compliance with data protection legislation.
—
Our practices are designed to remain fully compliant with the GDPR, CCPA, and other evolving privacy frameworks. Your trust is important to us, and we stand ready to assist with any concerns regarding your personal data and privacy rights.