Privacy Policy for InfraSweat
1. Introduction
At InfraSweat, we are committed to maintaining the highest standards of privacy and data protection for visitors and users of our website, infrasweat.com (“Website”). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you access or interact with this Website. We take your privacy seriously and process your personal data responsibly, lawfully, and transparently in accordance with applicable data privacy laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to personal data and information that is collected through your use of the Website, whether as a visitor, customer, or user. In the context of applicable data protection legislation, InfraSweat acts as the Data Controller with respect to the personal data it collects. Should you have any questions regarding this policy or the data we collect, please contact us at [email protected].
3. Categories of Data Processed
We may collect and process the following categories of personal data:
– Usage Data: Information about how you interact with the Website, including your IP address, browser type, operating system, referral URLs, pages viewed, access times, session data, and navigational patterns.
– Account Data: Information you provide when registering or creating an account, including your name, email address, telephone number, billing/shipping address, or other identifying information.
– Profile Data: Data related to your preferences, purchase history, booking patterns, wellness interests, and Website behavior.
– Communication Data: Records of your communications with us, including customer support inquiries, contact form submissions, chat history, and feedback.
– Technical Data: Information about the devices and systems you use to access the Website, such as your device type, unique device identifiers, system configuration, and software details.
– Transaction Data: Details of transactions made through the Website, including payment method data (e.g., masked credit card numbers), third-party payment processor tokens, order history, and delivery/pick-up information.
– Preference Data: Your marketing preferences, communication opt-ins/opt-outs, responses to promotional campaigns, and data related to your interest in our products and services.
4. Legal Bases for Processing
InfraSweat processes your personal data in accordance with the following legal grounds:
– Performance of a Contract: Where processing is necessary to provide you with services or products you have requested or agreed to receive.
– Consent: Where you have provided clear and informed consent for specific data processing activities, such as marketing communications or non-essential cookies.
– Legitimate Interests: Where processing is necessary for our legitimate business purposes (provided that your interests and fundamental rights do not override those interests), such as to maintain Website security, personalize user experiences, or improve service offerings.
– Legal Obligation: Where processing is required to comply with legal or regulatory obligations.
5. Your Rights
Under the GDPR and CCPA, you are afforded a range of rights over your personal data. These rights include:
– Right of Access: You may request access to the personal data we hold about you.
– Right to Rectification: You may request corrections to any inaccurate or incomplete personal data.
– Right to Erasure (“Right to be Forgotten”): Under certain conditions, you may request that we delete your personal data.
– Right to Restriction: You may request that we limit or suspend data processing under specific conditions.
– Right to Data Portability: You may request the transfer of your data to another controller in a structured, commonly used, and machine-readable format.
– Right to Object: You may object to the processing of data based on legitimate interests or direct marketing.
– Right to Withdraw Consent: Where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of processing prior to withdrawal.
To exercise any of these rights, please contact [email protected].
6. Security Measures
We implement a range of technical and organizational security measures designed to protect your personal data. These include:
– State-of-the-art encryption protocols for data transmission and storage
– Access controls and role-based data access limitations
– Secure authentication mechanisms
– Regular data backups and redundancy procedures
– Staff training on privacy and cybersecurity best practices
While we take all reasonable efforts to safeguard your information, no system is infallible. You are encouraged to maintain vigilance and secure your own devices and credentials when interacting with infrasweat.com.
7. International Transfers
In cases where personal data may be transferred to, processed in, or accessed from jurisdictions outside your country of residence, including locations outside the European Economic Area (EEA), we ensure such transfers are compliant with applicable legal frameworks. This includes the use of appropriate safeguards such as Standard Contractual Clauses approved by the European Commission or reliance on adequacy decisions where applicable.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law. Retention periods vary by data type:
– Usage Data: 12 months
– Account Data and Profile Data: Active account duration + up to 24 months
– Communication Data: Up to 36 months for response performance and legal records
– Transaction Data: Retained for at least 7 years for tax and accounting purposes
– Preference Data: Until consent is withdrawn or user unsubscribes
9. Cookie Policy
The Website uses cookies and similar tracking technologies to enhance the user experience. We categorize cookies as follows:
– Essential Cookies: Necessary for basic Website functionality (e.g., session management, security, user authentication).
– Functional Cookies: Support personalization and user preferences.
– Analytics Cookies: Collect anonymous data to understand user behavior and improve content and performance.
– Performance Cookies: Analyze technical performance of the Website and applications to optimize functionality.
We do not use cookies to sell personal information or use it in ways contradictory to this Privacy Policy.
10. Cookie Management and Compliance
In compliance with GDPR and CCPA requirements, we provide clear notice and obtain your consent, where required, for cookies that are not strictly necessary. You have the option to manage or withdraw cookie consent at any time through our Cookie Consent Manager, accessible via the Website footer or your browser settings. CCPA-specific rights, including the right to opt out of “sale” or “sharing” of data, are honored via designated tools and headers.
11. Special Protections for Children Under 13
InfraSweat does not knowingly collect personal data from individuals under the age of 13. If you are a parent or guardian and believe your child has provided personal data through infrasweat.com, please contact us at [email protected], and we will take appropriate steps to remove that data promptly and in compliance with the Children’s Online Privacy Protection Act (COPPA).
12. Policy Updates & User Notifications
We may revise this Privacy Policy from time to time to reflect changes in legal requirements, operational practices, or technological advances. All changes will be posted on infrasweat.com within the Privacy Policy section and, where appropriate, communicated to you through additional notice (e.g., banner notifications, email). Your continued use of the Website following the posting of changes constitutes your acceptance of those changes.
13. Contact
If you have questions, concerns, or complaints regarding this Privacy Policy or our data processing practices, please do not hesitate to contact our privacy team at:
Email: [email protected]
We are fully committed to ensuring your data rights are respected and that InfraSweat remains compliant with applicable privacy laws, including GDPR and CCPA. You can reach out at any time with inquiries or to exercise your legal rights related to your data.