Privacy Policy
1. Introduction
At OvercomingOvershopping.com, we are committed to upholding the highest standards of privacy and data protection. We recognize the importance of safeguarding personal data and are fully dedicated to maintaining the confidentiality, integrity, and security of the personal information you entrust to us. This Privacy Policy outlines how we collect, use, store, and share your data when you interact with our website. Our practices comply with all applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all interactions with OvercomingOvershopping.com, including visits to our website, communication with our support team, and the use of our services. OvercomingOvershopping.com acts as the data controller for the personal data collected via our website and related communication channels.
For any questions related to data protection, please contact us at: [email protected].
3. Categories of Data We Process
We may process the following categories of personal data:
a) Usage Data
This includes information about how visitors use our website: browser type and version, IP address, date and time of visits, session duration, navigation paths, referral sources, and geographical location (at a general level).
b) Account Data
Collected when you create or maintain an account: full name, mailing address, email address, telephone number, and login credentials.
c) Profile Data
Information you provide or generate through the use of our services, such as preferences, service history, behavioral data, purchases, and feedback.
d) Communication Data
Any information provided through support requests, email inquiries, online forms, customer service interactions, and communication history.
e) Technical Data
Details about the devices and systems you use to access our website: device type, operating system, browser settings, display settings, and other system configuration information.
f) Transaction Data
Data required to process payments or product delivery, including billing information, order history, partial card data (processed through a secure third-party vendor), and shipping addresses.
g) Preference Data
Your marketing and communication preferences, response to promotions, product interests, and opt-in or opt-out status for newsletters.
4. Legal Bases for Processing Personal Data
We rely on various lawful bases to process your data, including:
– Consent: Where you have provided explicit consent for marketing communications or third-party sharing.
– Contractual Necessity: When data processing is essential to fulfill a contract, including account registration and service delivery.
– Legal Obligation: When we are obliged by law to retain or disclose your information.
– Legitimate Interests: To enhance user experience, prevent fraud, ensure network security, and improve website functionality. We only rely on this basis where your rights and freedoms are not overridden.
5. Your Rights
As a data subject under GDPR or a consumer under CCPA, you may exercise the following rights:
– Right of Access: Request access to the personal data we hold about you.
– Right to Rectification: Correct any inaccurate or incomplete personal information.
– Right to Erasure: Request deletion of your data, subject to legal obligations.
– Right to Restriction: Limit how we process your data under certain conditions.
– Right to Data Portability: Obtain a copy of your data in a machine-readable format.
– Right to Object: Object to processing based on legitimate interests or direct marketing.
– Right to Not Be Subject to Automated Decision-Making: We do not engage in decisions that produce significant effects based solely on automated processing.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement appropriate organizational and technical safeguards to protect your personal data, including:
– Data encryption in transit and at rest
– Role-based access controls and authentication procedures
– Secure data storage with regular vulnerability assessments
– Staff awareness and privacy training
– Scheduled data backups and disaster recovery protocols
Despite these measures, no system can be guaranteed to be 100% secure. We urge all users to take steps to protect their own data, such as using strong passwords and avoiding the reuse of credentials.
7. International Transfers
OvercomingOvershopping.com may transfer your personal data to jurisdictions outside your own, including countries that may not provide the same level of data protection. In such cases, we rely on approved data transfer mechanisms, such as Standard Contractual Clauses (SCCs), binding corporate rules, or your explicit consent, in accordance with GDPR provisions.
For residents of the European Economic Area (EEA) or United Kingdom, appropriate safeguards are in place when transferring data internationally to ensure compliance with applicable laws.
8. Data Retention
We retain your personal data only for as long as is necessary for the purposes for which it was collected, including to comply with legal, regulatory, tax, accounting, or reporting requirements.
Retention periods by category:
– Usage Data: 12 months
– Account Data: For the duration of your account and up to 36 months after closure
– Profile and Preference Data: 24 months from last activity
– Communication and Support Data: 36 months
– Technical Data: 12 months
– Transaction Data: 7 years (for taxation and audit purposes)
Data no longer required will be securely deleted or anonymized.
9. Cookie Policy
Our website uses cookies and similar tracking technologies to improve performance, personalize content, and analyze traffic. The types of cookies include:
– Essential Cookies: Necessary for website functions such as login and navigation
– Functional Cookies: Enable personalized settings and preferences
– Analytics Cookies: Gather aggregated usage data to help us improve services
– Performance Cookies: Monitor the efficiency and responsiveness of the site
Cookies do not harm your device and do not directly identify individuals unless tied to an account.
10. Cookie Management and Compliance
We comply with GDPR and CCPA by offering transparent cookie disclosures and meaningful choices:
– Upon first visit, a cookie banner provides options to Accept All, Reject Non-Essential, or Manage Preferences.
– Users may change cookie preferences at any time through accessible controls on our website.
– Browser-level settings allow you to block or delete cookies.
– We do not sell your data in the traditional sense, and we offer a mechanism to opt out of any data sharing deemed a “sale” under CCPA.
11. Protection for Children Under 13
Our website and services are not intended for, nor knowingly directed to, children under the age of 13. We do not knowingly collect personal data from children without verified parental consent. If we become aware that a child under 13 has provided us with personal data, we will take steps to delete such information promptly.
12. Policy Updates and Notifications
We may amend this Privacy Policy from time to time to reflect legal, regulatory, or operational changes. We encourage users to review this policy periodically. Where material changes are made, users will be notified via email (if available) or through a prominent notice on OvercomingOvershopping.com.
13. Contact Us
For questions about this Privacy Policy, data requests, or concerns regarding your personal data, please contact us at:
Email: [email protected]
We are committed to ensuring that your privacy and data rights are respected and upheld in all our practices. If you believe your rights have been violated, you also have the right to contact your local data protection authority.
This Privacy Policy is intended to fulfill our obligations under GDPR, CCPA, and all applicable data protection regulations. Thank you for trusting OvercomingOvershopping.com.