PRIVACY POLICY
At Cushcoma (“we”, “us”, or “our”), accessible at cushcoma.com, we are firmly committed to protecting your personal data and handling it with integrity, respect, and transparency. This Privacy Policy outlines how we collect, use, store, and share your personal information, and the rights and choices available to you, in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws.
1. INTRODUCTION: OUR COMMITMENT TO PRIVACY
Your privacy is paramount to us. Cushcoma is dedicated to ensuring the security and confidentiality of all personal data that you provide when interacting with our website or services. We apply rigorous technical and organizational safeguards to give you full confidence when sharing your information with us.
2. SCOPE OF POLICY AND OUR ROLE AS DATA CONTROLLER
This Privacy Policy applies to all users who interact with cushcoma.com through browsing, creating accounts, purchasing products, or contacting us. As the data controller, Cushcoma determines the purposes and means of processing your personal data. By using our services, you acknowledge that your data may be collected, stored, and processed in accordance with this Privacy Policy.
3. CATEGORIES OF PERSONAL DATA PROCESSED
We may collect and process the following categories of personal data:
a) Usage Data
We collect data about your interactions with cushcoma.com, including your browser type, IP address, device identifiers, pages visited, time spent, and clickstream data.
b) Account Data
When you create an account, we collect your name, email address, contact details, delivery addresses, and phone number.
c) Profile Data
We may collect data reflecting your preferences, purchase history, wishlist items, and user behavior within your account or site interactions.
d) Communication Data
This includes any communications sent to us, such as support requests, submitted forms, inquiries, and conversations with our team.
e) Technical Data
Information regarding your device type, operating system, language settings, browser version, system configurations, and mobile platform may be automatically collected.
f) Transaction Data
In processing payments and fulfilling orders, we may collect your billing information, delivery address, payment status, purchase details, and other necessary logistical data.
g) Preference Data
We retain data relating to your communications preferences, marketing subscriptions, and product or content interests.
4. LEGAL BASES FOR PROCESSING
We process personal data based on the following lawful grounds:
– Consent: When you voluntarily provide data for marketing, account creation, or communication purposes.
– Contractual Necessity: To fulfill obligations when you make a purchase or engage our services.
– Legitimate Interests: To operate and improve our website, defend our legal rights, prevent fraud, and personalize your user experience.
– Legal Obligation: Where processing is required for compliance with applicable laws or regulatory requirements.
5. YOUR RIGHTS UNDER DATA PROTECTION LAWS
In accordance with GDPR, CCPA, and other applicable laws, you may exercise the following rights:
– Right of Access: Request a copy of personal data we hold about you.
– Right to Rectification: Correct inaccurate or incomplete personal data.
– Right to Erasure: Request deletion of personal data under certain conditions.
– Right to Restriction: Request limitation of processing where appropriate.
– Right to Data Portability: Receive your personal data in a structured, commonly-used machine-readable format and transfer it to another controller.
– Right to Object: Object to data processing on grounds of legitimate interest or consent-based direct marketing.
To exercise these rights, contact us at [email protected]. We may need to verify your identity before processing any requests.
6. SECURITY MEASURES
We implement strong data protection measures, including:
– End-to-end encryption during data transmission and storage;
– Role-based access controls and authentication protocols;
– Regular data backups and disaster recovery procedures;
– Secure servers housed in compliant data centers;
– Employee training on privacy and data handling best practices.
These safeguards are designed to protect your data from unauthorized access, disclosure, alteration, or destruction.
7. INTERNATIONAL TRANSFERS
Where personal data is transferred outside of the European Economic Area (EEA) or other regions with data protection laws, we ensure appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission are in place. By using cushcoma.com, you consent to the transfer of your data to jurisdictions where we operate or where our service providers are based.
8. DATA RETENTION POLICY
We retain personal data only for as long as necessary for the purposes outlined in this Privacy Policy or as required by law. Specific retention periods include:
– Usage Data: Retained for a maximum of 12 months for analytics;
– Account Data: Stored during the active account lifespan and up to 6 years afterwards for audit and compliance purposes;
– Transaction & Communication Data: Retained for up to 7 years for legal, contractual, and tax-related obligations;
– Marketing Consent & Preference Data: Retained until you withdraw consent or unsubscribe.
9. COOKIE POLICY
We use cookies and similar technologies to enhance your browsing experience and support website functionality. These include:
– Essential Cookies: Necessary for site access, login authentication, and transaction processing.
– Functional Cookies: Enable personalization features such as remembering preferences.
– Analytics Cookies: Help us understand usage behavior and improve site performance.
– Performance Cookies: Measure site load times and technical capabilities.
Cookies are managed per your browser settings, and your continued use of cushcoma.com indicates consent unless otherwise specified.
10. COOKIE MANAGEMENT & COMPLIANCE
You can manage your cookie preferences via our Cookie Consent Tool or through your browser settings. Under GDPR and CCPA, we ensure:
– Affirmative, informed consent before setting non-essential cookies;
– Opt-out mechanisms for analytics and marketing cookies;
– The right to access or delete cookie-related personal data.
We do not sell or “share” personal data as defined under CCPA. If you are a California resident, you may exercise your Do Not Sell or Share rights at any time.
11. CHILDREN’S PRIVACY
Cushcoma does not knowingly collect or process personal data from children under the age of 13. If we become aware that such data has been collected without verified parental consent, we will delete it promptly. Parents or guardians who believe their child has provided personal data may contact us at [email protected].
12. POLICY UPDATES
We reserve the right to make changes to this Privacy Policy to reflect legal, technological, or operational changes. Material amendments will be communicated via appropriate channels such as banners, notifications, or email (if applicable). Continued use of cushcoma.com constitutes acknowledgement of these updates.
13. CONTACT
If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:
Email: [email protected]
Website: https://cushcoma.com
We are committed to full compliance with applicable privacy standards. If you believe we have not upheld your data protection rights, you are entitled to lodge a complaint with your supervisory authority.
At Cushcoma, your privacy is a cornerstone of our relationship with you. We remain committed to handling your data with care, transparency, and responsibility. Please reach out to us at [email protected] for any privacy-related inquiries.
