Privacy Policy for haikubytwo.com
1. Introduction
At haikubytwo.com (“we,” “our,” or “us”), we are committed to safeguarding your personal information and respecting your privacy rights. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data in accordance with applicable data protection legislation, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
We believe privacy is fundamental. Accordingly, we implement stringent data protection measures and strive to provide transparency and control to all users interacting with haikubytwo.com, regardless of geographic jurisdiction.
2. Scope of This Policy and Our Role as Data Controller
This Privacy Policy applies to all visitors, customers, and users who access or interact with haikubytwo.com.
For the purposes of the GDPR, haikubytwo.com is the data controller of your personal data where we determine the purposes and means of processing.
This Policy applies exclusively to information collected through haikubytwo.com and all related communications sent to and from us via official channels, including email and support forms.
3. Categories of Personal Data We Process
We may collect and process the following categories of personal data:
a. Usage Data
Information related to your use of our website, including IP address, browser type and version, pages visited, referral URL, access times, and interaction patterns.
b. Account Data
Details provided when you create an account, including your full name, physical address, email address, telephone number, and login credentials.
c. Profile Data
Optional data including purchase history, product preferences, saved settings, browsing behavior, and user-generated content.
d. Communication Data
Records of contacts made with us, such as support tickets, inquiries through forms, emails sent to [email protected], or similar interactions.
e. Technical Data
Details about the devices you use to access haikubytwo.com, including device identifiers, operating systems, browser configurations, time zone settings, and other system-level metadata.
f. Transaction Data
Information required to process orders or payments, including product selections, billing/shipping addresses, and anonymized payment confirmation (actual payment data is handled via trusted third-party payment processors).
g. Preference Data
Your indicated preferences regarding marketing emails, newsletters, promotional content, product interests, and opt-in/opt-out statuses.
4. Legal Bases for Processing
We process your personal data only when permitted by applicable law. Legal bases for processing include:
– Legitimate Interests: To understand use of haikubytwo.com and maintain its performance, security, and relevance.
– Contract Fulfillment: To provide services, fulfill purchase obligations, process payments, and manage user accounts.
– Consent: For sending marketing communications, placing non-essential cookies, and any other activity requiring affirmative consent.
– Legal Obligations: To comply with applicable regulations, tax requirements, or court orders.
Where processing is based on your consent, you have the right to withdraw such consent at any time.
5. Your Rights Under Data Protection Law
Subject to applicable laws, you have the following rights with respect to your personal data:
– Right of Access: Obtain confirmation as to whether your data is being processed and access a copy of such data.
– Right to Rectification: Request correction of inaccurate or incomplete personal data.
– Right to Erasure: Request deletion of your personal data under circumstances such as when data is no longer necessary for its original purpose.
– Right to Restrict Processing: Obtain limitation on processing where accuracy is contested or data is being unlawfully processed.
– Right to Data Portability: Receive your personal data in a structured, commonly used and machine-readable format and transmit it to another controller.
– Right to Object: Object to processing carried out under the basis of legitimate interest or direct marketing.
Users located in California may also exercise rights under the CCPA, including the right to know what data is collected, the right to delete personal information, and the right to opt-out of the sale of personal data (we do not sell personal data in any circumstance).
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement robust physical, technical, and administrative safeguards designed to protect your information from unauthorized access, use, alteration, disclosure, or destruction. These include:
– SSL encryption on web traffic
– Role-based access controls
– Regular security audits and vulnerability assessments
– Encrypted data storage and backups
– Staff privacy training and breach response protocols
While we strive for best-in-class security, no method of transmission over the Internet or electronic storage is completely secure. Accordingly, we cannot guarantee absolute data security.
7. International Data Transfers
Your personal data may be transferred to and stored in countries outside your country of residence, including the United States or other jurisdictions that may not offer the same level of data protection.
Where applicable, we rely on:
– Standard Contractual Clauses approved by the European Commission
– Adequacy decisions from relevant authorities
– Other lawful transfer mechanisms under GDPR and data privacy legislation
We ensure that any third-party service providers involved in international transfers adhere to comparable privacy and security standards.
8. Data Retention
We retain personal data only as long as necessary for the purposes for which it was collected, including satisfying legal, tax, accounting, or reporting obligations.
Specifically:
– Usage, Technical, and Cookie Data: Retained for up to 26 months from last user interaction
– Account and Profile Data: Retained for the duration of your active account, and up to 6 years post-deactivation unless sooner deleted upon request
– Communication Data: Retained for 3 years for quality and record-keeping purposes
– Transaction Data: Retained for 7 years for regulatory compliance
9. Cookie Policy
We use cookies and similar technologies to improve your experience on haikubytwo.com. Cookies may fall into the following categories:
– Essential Cookies: Required for core site functionality such as login, shopping cart, and secure areas.
– Functional Cookies: Remember choices you make, such as region or language.
– Analytics Cookies: Collect aggregated and anonymized data to understand how visitors interact with the site.
– Performance Cookies: Enhance site speed and reliability.
All cookies stored are subject to data protection and are processed in compliance with GDPR and CCPA where applicable.
10. Cookie Management & Legal Compliance
Upon first access, you will encounter our cookie banner allowing you to manage and adjust cookie preferences. You may also alter cookie settings in your browser, though note that disabling certain cookies may impair site functionality.
You have the right to:
– Accept or reject non-essential cookies upon visit
– Revoke previously given consent through your browser or through our cookie settings page
For California residents, we honor Do Not Track (DNT) signals and opt-out mechanisms.
11. Children’s Privacy
Our website is not directed to or intended for children under the age of 13, and we do not knowingly collect or solicit personal data from minors. If we discover that we have unintentionally collected personal data from a child under 13, we will promptly delete such information.
If you believe that a child has provided us with personal data, please contact us at [email protected].
12. Policy Updates & Notifications
We reserve the right to update or amend this Privacy Policy at any time. Updates will be reflected on haikubytwo.com with immediate effect. Where material changes occur, we will notify you through prominent notices on the website or via registered email addresses, where applicable.
We encourage you to periodically review this Policy to remain informed about how we collect and use your information.
13. Contact Us
If you have any questions regarding this Privacy Policy, or if you wish to exercise your data rights or raise a privacy concern, please contact us at:
Email: [email protected]
We are fully committed to complying with global data protection laws, including GDPR and CCPA. Your privacy is important to us, and we encourage you to reach out with any concerns or requests regarding how your information is handled.
