Privacy Policy for CribGrid.com

1. Introduction

CribGrid.com (“we”, “us”, or “our”) is committed to protecting and respecting your privacy. We take the responsibility of safeguarding your personal data very seriously and are committed to maintaining your trust and confidence. This Privacy Policy explains how we collect, use, disclose, and safeguard your information in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all users of CribGrid.com and all services provided through our platform. CribGrid.com is the data controller responsible for processing your personal data as collected through our website and services. By accessing or using CribGrid.com, you acknowledge that you have read this Privacy Policy and agree to the practices described herein.

3. Categories of Data Processed

We may collect and process the following categories of personal data, depending on your interactions with our website and services:

a) Usage Data:
Includes information about your interactions with our website, such as pages visited, access times, IP address, browser type, session duration, referring URLs, and user agent data.

b) Account Data:
Includes your name, postal address, email address, phone number, and other details you provide when creating an account.

c) Profile Data:
Includes your preferences, past purchases, browsing behavior, and data you provide related to your use of our products and services.

d) Communication Data:
Includes communications with us via email, contact forms, support requests, and records of conversations and messages.

e) Technical Data:
Includes information about your device, operating system, browser configurations, plugin details, screen resolution, and system diagnostics.

f) Transaction Data:
Includes payment details (processed securely and in compliance with relevant regulations), order history, delivery addresses, and related purchase information.

g) Preference Data:
Includes marketing and communication preferences, subscriptions, and product or service interests.

4. Legal Bases for Processing

We process your personal data based on one or more of the following lawful bases as permitted under the GDPR:

– Consent: Where you have provided your express consent (e.g., to receive marketing communications).
– Contract: Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
– Legal Obligation: Where processing is required to comply with legal obligations.
– Legitimate Interest: Where processing is necessary for our legitimate interests (such as improving our website and services, ensuring security, or preventing fraud) and does not override your rights and freedoms.

For California residents, we do not sell personal data as defined by the CCPA.

5. Your Rights

Under applicable data protection laws, you may have the following rights:

– Right to Access: Request details of the personal data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your personal data, subject to exceptions.
– Right to Restrict Processing: Request limitation of the processing of your personal data.
– Right to Data Portability: Receive your data in a structured, commonly used format and/or request transmission to another controller.
– Right to Object: Object to certain types of processing based on legitimate interests or direct marketing.
– Right to Withdraw Consent: Where processing is based on consent, you may withdraw your consent at any time.

California residents may also have the right to request a list of categories of personal data shared for business purposes, and to request that we do not share certain personal data.

To exercise any of the above rights, please contact us at [email protected].

6. Security Measures

We implement strict security measures to ensure your data is protected from unauthorized access, alteration, disclosure, or destruction. These measures include:

– Encryption of sensitive data in transit and at rest.
– Role-based access control and secure authentication protocols.
– Regular data backups to secure storage.
– Organizational training to promote awareness and compliance with security practices.
– Security monitoring and incident response procedures.

7. International Transfers

Where personal data is transferred to third countries outside the European Economic Area (EEA) or the United States, we ensure such transfers meet the requirements of applicable data protection laws. This includes implementing appropriate safeguards such as EU Standard Contractual Clauses and, where required, conducting transfer risk assessments.

8. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes for which we collected it, including any legal, accounting, or reporting requirements. Data retention periods vary based on the type of data and its relevance:

– Usage and Technical Data: Retained for 12 months for analytics and diagnostic purposes.
– Account, Profile, and Communication Data: Retained for as long as your account remains active and up to 6 years thereafter for auditing and legal compliance.
– Transaction Data: Retained for 7 years to comply with tax and financial reporting obligations.
– Preference Data: Retained for as long as you maintain an account or until you revoke consent.

9. Cookie Policy

We use cookies and similar tracking technologies on CribGrid.com for the following purposes:

– Essential Cookies: Required to operate the website and provide core services (e.g., authentication, shopping carts).
– Functional Cookies: Enhance website performance and remember user preferences.
– Analytics Cookies: Help us understand user behavior and improve user experience through tools like Google Analytics.
– Performance Cookies: Monitor website performance and loading times to optimize functionality.

10. Cookie Management and Compliance

You can control the use of cookies at any time via your browser settings or through our cookie consent banner available on CribGrid.com. Under GDPR and CCPA, consent is required before placing non-essential cookies on your device unless otherwise permitted. You may also opt out of certain tracking technologies and behavioral advertising networks as provided in our cookie settings interface.

11. Special Protections for Children Under 13

CribGrid.com does not knowingly collect or solicit personal data from children under the age of 13. If we become aware that we have inadvertently collected information from a child under 13, we will promptly delete such data. Parents or guardians who believe that their child has provided personal data without their consent may contact us at [email protected].

12. Policy Updates

We reserve the right to modify or update this Privacy Policy from time to time in response to legal, technical, or business developments. Any material changes will be communicated via prominent notices on CribGrid.com, and where appropriate, contact methods you have provided.

13. Contact Us

If you have any questions, concerns, or requests related to this Privacy Policy or the way we process your personal data, please contact:

CribGrid Privacy Team
Email: [email protected]

We are committed to complying with applicable data protection laws and welcome any questions or feedback. Please feel free to reach out with your privacy-related concerns at any time.