Privacy Policy – Gate-37.com
1. Introduction
Gate-37.com (“we,” “our,” or “us”) is committed to safeguarding your privacy and ensuring the secure and transparent processing of your personal information. This Privacy Policy outlines how we collect, use, disclose, and protect your personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
2. Scope of This Policy and Data Controller
This Privacy Policy applies to all personal information collected through our website at gate-37.com (“Website”), including data you provide when you interact with us online, use our digital services, or contact us directly. For the purposes of GDPR, Gate-37.com is the data controller responsible for the processing of your personal data. You may contact us at any time with questions or concerns at [email protected].
3. Categories of Personal Data We Process
We collect and process the following categories of personal data:
a. Usage Data
This includes data about your interaction with our Website, such as IP address, browser type, operating system, language preference, referring URLs, time and date of access, pages visited, and session duration.
b. Account Data
We process data required to create and maintain your account, including your full name, billing and delivery address, email address, phone number, and login credentials.
c. Profile Data
This includes your preferences, order history, browsing behavior, interest in specific products or services, and custom user settings.
d. Communication Data
We retain records of communications between you and our team, including support requests, email correspondence, and messages sent through forms or customer service channels.
e. Technical Data
This category covers system and device-related information such as device type, unique device identifiers, browser configurations, system settings, crash logs, diagnostic data, network information, and similar technical specifications.
f. Transaction Data
We collect data relating to purchases or payments made on gate-37.com, including transaction details, shipping and delivery information, payment method, and billing status (excluding full financial instrument details unless required and suitably protected).
g. Preference Data
This relates to your consent preferences for receiving marketing materials, your communication preferences, newsletter subscriptions, and areas of product interest.
4. Legal Bases for Processing
We only process your personal data where a lawful basis applies. Under GDPR, these include:
– Performance of a contract: for fulfilling services or transactions you initiate.
– Legitimate interests: for administrative, analytical, and security purposes where such processing is not overridden by your rights.
– Legal obligation: when required under applicable law or legal processes.
– Consent: where we explicitly request your permission for certain data uses, especially for marketing or the deployment of non-essential cookies.
You may withdraw your consent at any time by contacting us at [email protected] or adjusting your cookie and communication preferences via the Website.
5. Your Rights
You have several rights concerning your personal data. Depending on your jurisdiction (notably within the EU and California), these include:
– Right of Access: To request a copy of the personal data we hold about you.
– Right to Rectification: To correct any inaccurate or incomplete data.
– Right to Erasure (“Right to be Forgotten”): To request deletion of your data, subject to applicable lawful grounds for retention.
– Right to Restriction: To limit our processing in specific cases.
– Right to Data Portability: To receive a copy of your data in a structured, machine-readable format.
– Right to Object: To object to data processing carried out in our legitimate interest or direct marketing.
– Right to Non-Discrimination: As per CCPA, your choices will not affect the quality of service you receive.
To exercise your rights, contact us at [email protected]. We may verify your identity before responding to any such request.
6. Security Measures
We implement robust technical and organizational measures to protect personal data, including:
– Data encryption (TLS/SSL) during transmission.
– Secure storage protocols and regular security audits.
– Role-based access controls and limited data access rights.
– Regular staff training on privacy and data security.
– Continuous network monitoring and security patching.
– Routine data backups and disaster recovery plans.
7. International Data Transfers
Your personal data may be processed outside your country of residence, including in countries that may not provide the same level of data protection as the EU or the US. Where applicable, we ensure an adequate level of protection through the use of Standard Contractual Clauses approved by the European Commission, and through compliance with regional legal requirements, including those under GDPR and CCPA.
8. Data Retention
We retain personal data only as long as necessary for the purposes outlined in this Policy, or as required by applicable law. Specific retention periods include:
– Usage Data: retained for up to 13 months for analytics and security.
– Account and Profile Data: retained while your account is active and for up to 6 years thereafter for operational, legal, or compliance purposes.
– Transaction Data: retained for 7 years for financial recordkeeping.
– Communication Data: retained for up to 2 years from date of correspondence.
– Cookie data: see section 9 for retention policies related to cookies.
After expiry, data will be securely anonymized or deleted.
9. Cookie Policy
The Website uses cookies and similar technologies to enhance user experience and functionality. The types of cookies we use include:
– Essential Cookies: Required for functioning of core features (e.g., login, cart).
– Functional Cookies: Remember your choices (e.g., language, settings).
– Performance Cookies: Collect anonymized usage statistics to improve performance.
– Analytics Cookies: Help us understand how users interact with gate-37.com.
– Marketing Cookies: Track user behaviors to deliver personalized marketing (with consent).
We utilize trusted third-party services (such as Google Analytics or similar) only where they comply with strict privacy and security obligations.
10. Cookie Management and Compliance with GDPR & CCPA
Users are presented with a cookie consent tool upon first visit to gate-37.com, allowing full control over which cookies are set. You may modify your preferences or withdraw consent at any time via the “Cookie Settings” footer link. Most browsers also allow you to control cookies through their settings. Under CCPA and GDPR, we recognize “Do Not Track” and “Global Privacy Control” signals where applicable.
11. Children’s Privacy
Gate-37.com does not knowingly collect or process the personal data of individuals under the age of 13. If we become aware that data from a child under 13 has been collected without verified parental consent, we will take appropriate steps to delete such information promptly. Parents or legal guardians who believe we may have collected such data should contact us at [email protected].
12. Policy Updates
We may update this Privacy Policy to reflect legal, technical, or commercial changes. Where material changes occur, we will provide prominent notice via gate-37.com and/or direct communication to registered users where appropriate.
13. Contact Us
For questions, requests, or concerns regarding this Privacy Policy or our data practices, please contact us at:
Email: [email protected]
Subject Line: Privacy Inquiry
Compliance
Gate-37.com is committed to ensuring full compliance with applicable data protection regulations, including GDPR and CCPA. We respect your right to privacy and are dedicated to upholding the highest standards of data security and transparency. You are encouraged to reach out to [email protected] regarding any privacy inquiry or to exercise your legal rights.