Privacy Policy for ElectricMatchbox.com
1. Introduction
At Electric Matchbox (“we”, “us”, or “our”), accessible via electricmatchbox.com (the “Website”), we are committed to protecting your personal data and respecting your privacy. This Privacy Policy outlines our approach to collecting, processing, and safeguarding personal information in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the California Consumer Privacy Act of 2018 (“CCPA”), and all other applicable privacy regulations. Maintaining your trust is fundamental to our business, and we strive to ensure your data is handled fairly, transparently, and securely.
2. Scope of Policy and Data Controller Role
This Privacy Policy governs the processing of personal data collected via electricmatchbox.com or otherwise provided by you as a user of our Website, products, or services. For the purposes of the GDPR, we are the “data controller” of your personal data. This means that we determine the purposes and means of processing your information.
If you are accessing the Website from jurisdictions outside the European Economic Area (EEA) or California, you acknowledge that your information may be processed in accordance with this policy regardless of your geographic location.
3. Categories of Data We Process
We may collect and process the following categories of personal data:
a. Usage Data:
Includes information such as your browser type, IP address, operating system, device identifiers, date and time stamps, length of visit, and browsing behavior, including pages viewed and navigation paths.
b. Account Data:
Includes details you provide when creating an account, such as your full name, email address, postal address, phone number, and login credentials.
c. Profile Data:
Includes your preferences, interests, previous purchases, behavioral patterns on the Website, and how you interact with our services.
d. Communication Data:
Includes messages you send through contact forms, customer support inquiries, live chat correspondences, and communication history.
e. Technical Data:
Includes information about your device, hardware model, system configuration, browser settings, screen resolution, and language preferences.
f. Transaction Data:
Includes records of products or services you purchase on electricmatchbox.com, billing and delivery addresses, payment methods, and transaction history. We do not store full payment card details; these are processed securely by third-party payment processors.
g. Preference Data:
Includes your marketing and communication preferences, such as opt-ins or opt-outs to promotional content, product interest tags, and newsletter subscriptions.
4. Legal Bases for Processing Your Data
We process your personal data on the following legal bases, as applicable under GDPR:
– Consent: When you have given express permission, such as opting in to email marketing or accepting cookies.
– Contractual Necessity: To fulfill obligations under a contract, such as processing an order or providing customer support.
– Legal Obligation: When processing is required to comply with laws or regulatory requirements.
– Legitimate Interests: When necessary for our business interests, provided those interests are not overridden by your data protection rights. This includes enhancing user experience, improving Website functionality, detecting fraud, and ensuring Website security.
Where required by law, especially under the CCPA and GDPR, we will obtain your consent prior to certain forms of data collection.
5. Your Rights
Subject to applicable law, you have the following rights with respect to your personal data:
– Right of Access: You may request a copy of the personal data we hold about you.
– Right to Rectification: You can ask us to correct any inaccurate or incomplete information.
– Right to Erasure: You may request that your personal data be deleted in certain circumstances.
– Right to Restriction: You can ask us to restrict the processing of your data subject to certain conditions.
– Right to Data Portability: You can request to receive your data in a structured, machine-readable format.
– Right to Object: You can object to our processing of your data on grounds relating to your particular situation, where the legal basis is legitimate interest.
– Right to Withdraw Consent: Where we rely on consent, you can withdraw at any time without affecting the legality of prior processing.
Residents of California also have the right under the CCPA to request disclosure of categories of personal data collected, sources, business purposes, third-party sharing details, and to request access, deletion, or opt-out of sale (where applicable).
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement robust technical and organizational safeguards to ensure the confidentiality, integrity, and availability of your personal data. These include:
– Encryption of data in transit and at rest
– Role-based access controls with regular reviews
– Firewalls, anti-malware tools, and intrusion detection systems
– Regular data backups and disaster recovery protocols
– Security awareness training for all personnel handling personal data
While we take every reasonable measure to secure personal information, no internet-based service is entirely immune from risk. We encourage you to take necessary precautions, such as using strong passwords and securing your own devices.
7. International Data Transfers
Where personal data is transferred from the EEA or other regions with applicable data protection laws to jurisdictions that do not provide equivalent protections, we implement appropriate safeguards. These may include the use of Standard Contractual Clauses approved by the European Commission, or reliance on other legally valid mechanisms. We take steps to ensure that such transfers comply with applicable laws and that your data remains protected.
8. Data Retention
We retain personal data only for as long as necessary for the purposes for which it was collected or as required by law. The typical retention periods include:
– Account Data: Retained for the duration of your user relationship plus up to 3 years for administrative purposes.
– Transaction Data: Retained as required for tax, accounting, and auditing (typically 7 years).
– Communication Data: Retained for 2 years following final correspondence.
– Usage, Technical, and Analytics Data: Retained for 12–24 months, depending on relevance.
– Preference Data: Retained until you update your preferences or withdraw consent.
Upon expiration of the retention period, data is securely deleted or anonymized.
9. Cookie Policy
Our Website uses cookies and other tracking technologies to enhance your user experience, improve Website functionality, and analyze performance. We categorize cookies as follows:
– Essential Cookies: Required for core functionality, such as navigation and secure access to account features.
– Functional Cookies: Help remember user choices, such as language or region selections.
– Analytics Cookies: Collect information about how visitors use the Website, to help improve performance and content relevance.
– Performance Cookies: Track system performance, error messages, and other metrics to ensure an optimal experience.
Cookies may be set by us (first-party) or by third-party providers acting on our behalf.
10. Cookie Management & Compliance
In compliance with GDPR and CCPA, you have the right to control the use of non-essential cookies. Upon your first visit to electricmatchbox.com, you will be presented with a cookie consent banner allowing you to accept or customize settings.
You may also manage cookie preferences or revoke consent at any time through your browser’s settings or by re-accessing our cookie management tool.
For California residents, cookies that result in the sale of personal information can be opted out of by clicking the “Do Not Sell My Personal Information” link, where applicable.
11. Children’s Privacy
We do not knowingly collect or process personal data from individuals under the age of 13. If we learn that we have inadvertently collected data from a child under 13, we will promptly delete such data from our records. If you believe a child under 13 has provided us with personal information, please contact us immediately at [email protected].
12. Updates to This Policy
We reserve the right to modify or update this Privacy Policy at our discretion to reflect changes in legal or regulatory requirements, technological advances, or our operational practices. Any substantive changes will be posted on electricmatchbox.com, and, where required by law, we will inform you via email or Website notification. Continued use of the Website after changes constitutes your acceptance of the updated policy.
13. Contact Us
If you have any questions, requests, or concerns regarding this Privacy Policy or the handling of your personal data, please contact us at:
Email: [email protected]
We take privacy seriously and are committed to compliance with all relevant data protection laws. Please don’t hesitate to reach out to our team with any concerns regarding your data or privacy rights.