1. Introduction

At Painbirds.com, your privacy and the security of your personal data are of paramount importance to us. We are fully committed to protecting your personal information, complying with applicable data protection laws including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”), and ensuring transparency in how we collect, use, share, and store your data. This Privacy Policy outlines your rights in relation to your personal information and how we uphold those rights.

2. Scope of Policy & Data Controller Role

This Privacy Policy applies to all users of our website and services provided through painbirds.com. References to “we”, “us” or “our” refer to the operators of painbirds.com, who are the data controllers responsible for your personal data collected through the site.

We determine the purposes and means of the processing of personal data and take all necessary steps to ensure compliance with regulatory standards and user expectations concerning privacy.

3. Categories of Personal Data Processed

We may collect, use, store and transfer various types of personal data depending on your interaction with our website, such as:

– Usage Data: Information about how you use our website, including IP address, browser type and version, time zone setting, operating system, clickstream data, and session duration.

– Account Data: Information provided when you create an account or make a purchase, including your full name, mailing address, email address, password, and phone number.

– Profile Data: Includes your purchase history, product preferences, behavior on the website, saved items, and content interactions.

– Communication Data: Includes personal data contained in or relating to any communication that you send to us, including support requests, inquiries, and message history.

– Technical Data: Information about the devices you use to access our website, such as hardware type, operating system version, screen resolution, and system configurations.

– Transaction Data: Details of products and services you have purchased or inquired about from us, including payment details, billing address, and delivery details; payment information is collected and processed securely via our payment gateway providers.

– Preference Data: Marketing preferences, communication consents, and product interest information derived from your interaction with our site or as provided by you.

4. Legal Bases for Processing

We process your personal data lawfully, fairly and transparently. Legal bases for processing may include:

– Contractual Necessity: To fulfil contractual obligations such as processing transactions or providing support related to services purchased.

– Legitimate Interests: To pursue our legitimate interests in operating and improving our services, provided those interests are not overridden by your rights and freedoms.

– Consent: When you have provided explicit and informed consent, particularly for marketing, cookies, or data sharing with third parties.

– Legal Obligation: When we are required to process your data to comply with a legal or regulatory obligation.

5. Your Rights

As a user, you may exercise the rights granted to you under GDPR and relevant U.S. privacy laws, including:

– Right of Access: Obtain confirmation of what personal data we process and request a copy of it.

– Right to Rectification: Request corrections of inaccurate or incomplete personal data.

– Right to Erasure: Request the deletion of your personal data where it is no longer necessary for the purpose for which it was collected.

– Right to Restrict Processing: Request limitation on how we process your data under certain circumstances.

– Right to Data Portability: Request to receive personal data in a structured, commonly used and machine-readable format and transmit it to another controller.

To exercise any of these rights, please contact us at [email protected].

6. Security Measures

To protect your data, we implement comprehensive technical and organizational security measures, including but not limited to:

– Encryption protocols (SSL/TLS) for data in transit.
– Access controls restricting personal data use to authorized personnel only.
– Secure infrastructure and server environments.
– Regular backups and data recovery mechanisms.
– Ongoing employee data protection training and confidentiality agreements.

7. International Transfers

We may transfer your personal data outside your country or the European Economic Area (EEA) to trusted providers or partners. In such instances, we ensure equivalent protections are in place, including the use of Standard Contractual Clauses approved by the European Commission, adherence to Privacy Shield principles (where applicable), or reliance on other legally recognized safeguards.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purpose for which it was collected or to comply with legal, regulatory, or contractual obligations.

– Account and Profile Data: Retained while the account remains active and for a maximum of 3 years after inactivity.

– Communication Data: Retained for 2 years following your last interaction with our support services.

– Transaction Data: Retained for 7 years for tax and accounting compliance.

– Marketing and Preference Data: Retained for as long as you remain subscribed or until you withdraw consent.

9. Cookie Policy

We use cookies and similar technologies on painbirds.com to enhance your browsing experience. Cookies are small files stored on your device that facilitate functionality and analytics.

Cookies may include the following categories:

– Essential Cookies: Necessary for website operation (e.g., login sessions, shopping cart functionality).

– Functional Cookies: Enable enhanced features (e.g., language preferences, saved items).

– Analytics Cookies: Collect anonymous usage data to better understand user behavior and improve site performance.

– Performance Cookies: Assist in measuring page load times and user navigation.

10. Cookie Management and Compliance

By continuing to use painbirds.com, you consent to our use of cookies as described. You may manage your cookie preferences via your browser settings or our cookie consent banner, which complies with GDPR and CCPA requirements. You also have the option to withdraw your consent at any time without affecting the lawfulness of prior processing.

11. Protection of Children’s Data

Painbirds.com does not knowingly collect or solicit data from children under the age of 13. If we learn that we have inadvertently collected personal data from a child under 13, we will delete such data promptly. If you believe a child has provided us with personal data without parental consent, please contact us at [email protected].

12. Policy Updates

This Privacy Policy may be updated from time to time to reflect changes in legal, regulatory, or operational requirements. Continued use of painbirds.com after such changes constitutes your acknowledgment and acceptance of the updated policy. Material updates will be communicated through appropriate channels, such as website banners or direct email where applicable.

13. Contact

Questions, concerns, or requests regarding this Privacy Policy or your personal data can be directed to us at:

Email: [email protected]

We are committed to full compliance with GDPR, CCPA, and all relevant data protection laws. If you have any concerns about how your data is handled, please do not hesitate to reach out to us.