Privacy Policy for cushcoma.com
1. Introduction
At cushcoma.com (“we,” “us,” or “our”), we are firmly committed to protecting the privacy and personal data of our users. This Privacy Policy outlines our dedication to safeguarding your personal information and ensuring compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We take a privacy-first approach in the design and operation of our services, ensuring that your trust is maintained at every interaction.
2. Scope of This Policy and Data Controller Status
This Privacy Policy governs the collection, use, storage, disclosure, and security of personal data obtained through our website at cushcoma.com, as well as through related communication channels and services. For the purposes of applicable data protection laws, we are the “data controller” of your personal data—responsible for determining the purposes and means by which your information is processed.
3. Categories of Data We Process
We may collect and process the following categories of personal data, depending on your interaction with our website and services:
a. Usage Data
Includes information about how you use our website, such as IP address, browser type, operating system, referring URLs, access times, and session duration.
b. Account Data
Includes identification details provided during account creation or service engagement, such as your full name, email address, billing address, shipping address, and phone number.
c. Profile Data
Includes details associated with your profile and platform behavior, such as purchase history, product preferences, interaction logs, saved items, and behavioral trends.
d. Communication Data
Includes any communication exchanged with us, such as emails, contact form submissions, customer service interactions, support inquiries, and associated metadata.
e. Technical Data
Includes information on your devices and configurations, including device type, screen resolution, language settings, time zone configuration, and operating system identifiers.
f. Transaction Data
Includes details necessary for the fulfillment of orders and services, such as payment history, billing status, shipping records, and logistics tracking information.
g. Preference Data
Includes choices made with respect to marketing communications, subscription settings, communication preferences, and areas of product interest.
4. Legal Bases for Processing
We process your personal data only when the law permits us to do so, under the following bases:
– Consent: Where you provide clear, informed permission for specific purposes (e.g., subscribing to a newsletter).
– Contract: Where processing is necessary to fulfill a contract with you or to take pre-contractual steps at your request.
– Legitimate Interest: When processing is necessary for the normal operation of our business and provided your rights and freedoms are not overridden.
– Legal Obligation: Where we are required to comply with applicable laws and regulations.
5. Your Rights
Subject to certain conditions and exceptions under applicable law, you may have the following rights in relation to your personal data:
– Right of Access: You may request confirmation of whether we process your personal data and obtain a copy of such data.
– Right to Rectification: You can ask us to correct inaccurate or incomplete information we hold about you.
– Right to Erasure: You may request that we permanently delete your personal data where no longer necessary or where consent is withdrawn.
– Right to Restrict Processing: You may request that we limit how your personal data is used while concerns are resolved.
– Right to Data Portability: You may request a copy of your personal data in a structured, machine-readable format and have it transferred to another provider.
To exercise any of the above rights, please contact us at: [email protected].
6. Security Measures
We implement appropriate technical and organizational measures to ensure the confidentiality, integrity, and availability of your personal data. These measures include:
– Transport and storage encryption using SSL/TLS and AES protocols
– Access controls and multi-factor authentication for administrative accounts
– Routine data backups and disaster recovery procedures
– Ongoing training for employees on data protection and cybersecurity best practices
7. International Transfers
Personal data that we collect may be transferred to and processed in countries outside of your jurisdiction, including countries that may not have the same level of data protection. In such cases, we rely on safeguards such as Standard Contractual Clauses (SCCs), adequacy decisions by regulatory authorities, and binding corporate rules. We ensure that these transfers comply with relevant legal requirements and maintain an equivalent level of protection for your personal data.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for legal, regulatory, accounting, or reporting requirements. Retention periods vary depending on data type:
– Account and Transaction Data: Up to 7 years after the account is closed or transaction completed
– Communication and Support Data: Up to 3 years from last interaction
– Usage and Technical Data: Up to 24 months
– Marketing and Preference Data: Until consent is withdrawn or up to 24 months of inactivity
After the applicable retention period, personal data is securely deleted or anonymized.
9. Cookie Policy
Our website uses cookies to enhance user experience, analyze usage, and support essential site functions. These may include:
– Essential Cookies: Required for the proper functioning of cushcoma.com (e.g., for login and checkout).
– Functional Cookies: Facilitate user preferences and enhanced features (e.g., remembering items in your cart).
– Analytics Cookies: Collect aggregate data on site usage to improve performance and content relevance.
– Performance Cookies: Monitor system health and assess service delivery responsiveness.
We do not use cookies to collect sensitive personal information without your explicit consent.
10. Cookie Management and Compliance
In line with GDPR and CCPA requirements, you have control over your cookie preferences. Upon visiting cushcoma.com, you will be prompted with a cookie consent mechanism allowing you to:
– Accept all cookies
– Reject non-essential cookies
– Configure individual cookie settings based on category
You can also manage cookies at any time through your browser settings or through the cookie management portal on our website.
11. Children’s Privacy
Our website and services are not directed to individuals under the age of 13, and we do not knowingly collect personal data from children. If we become aware that personal data has been collected from a child without parental consent, we will take appropriate steps to delete such data promptly.
12. Policy Updates and Notification
We reserve the right to update or modify this Privacy Policy at any time. When changes are made, we will revise the policy on our website and, where appropriate, provide additional notice (such as via email or banner notification). Your continued use of cushcoma.com after such changes constitutes acceptance of the updated policy.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, you may contact our Data Protection Officer at:
Email: [email protected]
We are fully committed to upholding the privacy standards set forth by applicable laws, including GDPR and CCPA, and ensuring the secure, fair, and transparent processing of your data. Please do not hesitate to reach out should you have inquiries regarding your privacy rights or our data practices.
