Privacy Policy
Painbirds.com (“we,” “us,” “our,” or the “Site”) is committed to protecting the privacy and personal data of its users. This Privacy Policy outlines how personal information is collected, processed, stored, and shared when you interact with our website and services. We comply with all applicable data protection regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), and are dedicated to upholding the highest standards of privacy and data security.
1. Introduction: Commitment to Privacy and Data Protection
At Painbirds.com, your privacy is our priority. We are committed to ensuring the confidentiality, integrity, and lawful processing of the personal data that we collect. This Privacy Policy serves as a transparent disclosure of our practices and a statement of our data protection obligations under applicable law.
2. Scope of the Policy and Role of Data Controller
This Privacy Policy applies to all users and visitors of Painbirds.com and to all personal data collected through our website, services, and communications. We operate as the “data controller” under the GDPR and the “business” under the CCPA. This means we determine the purposes and means of processing your personal data.
3. Categories of Data Processed
We collect and process the following categories of personal data:
a. Usage Data
Includes data about how you access and use our website, such as your IP address, browser type and version, pages viewed, time spent on pages, links clicked, session timestamps, referring URLs, and similar diagnostic data.
b. Account Data
Includes information provided by users by creating an account or engaging with the Site, such as your full name, billing and shipping addresses, email address, and phone number.
c. Profile Data
Includes user-generated information such as saved preferences, shopping history, behavioral patterns, wishlists, reviews, and other interactions with the Site.
d. Communication Data
Includes your communications with us, including emails to [email protected], customer service messages, chat records, and contact form submissions.
e. Technical Data
Includes device information collected through automated means such as operating system, system configurations, browser plugins, internet service provider, screen resolution, and language settings.
f. Transaction Data
Includes payment history, transaction records, product orders, delivery and fulfillment details, and applicable refunds.
g. Preference Data
Includes opt-ins and opt-outs for marketing communications, survey responses, and expressed interests in products and services.
4. Legal Bases for Processing Personal Data
We process your data based on the following legal grounds:
– Consent: When you provide clear consent for us to process your data for specific purposes, such as subscribing to newsletters or accepting cookies.
– Contractual Necessity: When data processing is required to fulfill our obligations under a contract, such as providing products or services.
– Legitimate Interests: Where processing is necessary to pursue our legitimate interests in improving our website, preventing fraud, or personalizing user experience—provided that these interests do not override your fundamental rights.
– Legal Obligation: When we are legally obligated to process your data, such as for tax filings or regulatory compliance.
5. Your Rights under GDPR and CCPA
Depending on your jurisdiction, you may exercise the following rights regarding your personal data:
– Right of Access: Request a copy of personal data we hold about you.
– Right to Rectification: Request corrections to inaccurate or incomplete information.
– Right to Erasure: Request deletion of your data, subject to certain legal limitations.
– Right to Restriction: Request limited processing of your data under certain circumstances.
– Right to Data Portability: Receive your data in a structured, machine-readable format.
– Right to Object: Object to the processing of your data where applicable.
– Right to Withdraw Consent: Withdraw consent at any time when processing is based on consent.
– Right to Non-Discrimination: You will not be discriminated against for exercising your privacy rights under the CCPA.
To exercise your rights, please email us at [email protected].
6. Security Measures
We employ a wide array of technical and organizational measures to protect your data, including:
– Encryption of data in transit and at rest;
– Role-based access controls to systems and personal data;
– Regular data backups and disaster recovery procedures;
– Employee training programs in data protection principles;
– Secure data hosting in enterprise-grade environments.
Despite these efforts, no transmission over the internet can be guaranteed to be 100% secure. Nonetheless, we strive to use all commercially acceptable means to protect your personal information.
7. International Transfers
We may transfer your personal data outside your country of residence, including to countries not recognized as providing an adequate level of data protection under the GDPR. In such cases, we implement appropriate safeguards, such as Standard Contractual Clauses (SCCs) approved by the European Commission, to ensure your data is protected in accordance with this policy.
8. Data Retention
We retain personal data for as long as necessary to fulfill the purposes for which it was collected, including but not limited to legal, accounting, or reporting requirements. Retention periods per data category are generally as follows:
– Usage and Technical Data: up to 2 years;
– Account and Profile Data: retained while user account remains active plus 6 years;
– Communication Data: retained for up to 3 years after resolution of the related inquiry;
– Transaction Data: retained for 7 years according to tax and auditing obligations;
– Marketing and Preference Data: retained until consent is withdrawn or superseded.
We will securely erase your data when it is no longer required.
9. Cookie Policy
Painbirds.com uses cookies and similar technologies to enhance your browsing experience and analyze site performance. Cookies may be:
– Essential Cookies: Required for core functionality such as login and shopping cart.
– Functional Cookies: Enable customization and remembering of preferences.
– Analytics Cookies: Collect aggregated data for website improvement (e.g., Google Analytics).
– Performance Cookies: Track user interactions to assess and improve load times and usability.
10. Cookie Management and Compliance
By accessing our website, you may consent to the use of non-essential cookies. You may manage or revoke this consent at any time using browser settings or our cookie management tool. In compliance with GDPR and CCPA, we do not set non-essential cookies unless consent has been obtained and maintain comprehensive records of such consents. You also have the right to opt-out of the sale of your personal data under the CCPA, where applicable.
11. Children’s Data Protection
Painbirds.com does not knowingly collect or solicit personal information from children under the age of 13. If we become aware that we have collected personal data from a minor without verified parental consent, we will promptly delete such information. If you believe a child under 13 has provided us with personal data, please contact us at [email protected].
12. Policy Updates
We reserve the right to update this Privacy Policy at our discretion. Material changes will be communicated through appropriate channels, such as a website notice or direct communication. Continued use of the Site after updates constitutes acceptance of the revised terms.
13. Contact Information
If you have questions or concerns regarding this Privacy Policy, your rights, or how we handle your personal information, please contact us via:
Email: [email protected]
We are fully committed to compliance with all applicable data protection laws and welcome any feedback or requests you may have regarding your privacy.