Privacy Policy
1. Introduction
At Pathepic.com, we are firmly committed to protecting and respecting your privacy. We recognize the importance of safeguarding personal data and are dedicated to managing any information collected in a secure, transparent, and lawful manner. This Privacy Policy outlines how your personal data is processed when you interact with our website and services. We prioritize privacy-first principles and comply with all applicable data protection regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope of Policy and Data Controller
This Privacy Policy applies to all personal data collected via our website pathepic.com, including data you provide when you use our services, communicate with us directly, or interact with our platform.
For the purposes of applicable data protection laws, the data controller responsible for your personal data is Pathepic.com. Questions or concerns about our practices may be directed to: [email protected].
3. Categories of Data Processed
We may collect and process the following categories of personal data:
a) Usage Data
Includes data collected automatically when you visit our website, such as browser type, IP address, time spent on the website, page views, referring URLs, and session metadata.
b) Account Data
Includes information you provide when creating an account, such as your full name, email address, phone number, and postal address.
c) Profile Data
Includes data generated through your use of our site, including product interests, preferences, order history, and behavioral metrics.
d) Communication Data
Includes information contained in communications you send to us through customer support channels, contact forms, or correspondence history.
e) Technical Data
Includes technical diagnostics and device-related data, such as device type, operating system, screen resolution, and browser settings.
f) Transaction Data
Includes records of purchases, payment card details handled through secure third-party processors, delivery information, and payment confirmations.
g) Preference Data
Includes your expressed preferences relating to marketing, newsletter subscriptions, opt-in/opt-out choices, and areas of interest.
4. Legal Bases for Processing
We process your personal data only when lawfully permitted. The primary legal bases under GDPR and CCPA include:
– Consent: Where you have provided your affirmative consent for specific purposes, such as marketing.
– Contractual Necessity: Where processing is required to fulfil a contract with you.
– Legitimate Interests: Where we pursue our legitimate business interests in a manner that does not override your fundamental rights and freedoms.
– Legal Obligation: Where compliance with a legal or regulatory obligation is required.
5. Your Rights
Subject to applicable law, you may exercise the following rights:
– Right of Access: To obtain a copy of the personal data we hold about you.
– Right to Rectification: To correct inaccurate or incomplete data.
– Right to Erasure: To request deletion of your personal data under specific circumstances.
– Right to Restriction: To request limiting of personal data processing in certain conditions.
– Right to Data Portability: To receive your data in a structured, commonly used, and machine-readable format.
You may exercise your rights by contacting us at [email protected]. We will respond to all valid requests within the timeframe prescribed by applicable laws.
6. Security Measures
We implement robust technical and organizational measures to maintain the integrity, confidentiality, and availability of your personal data. These safeguards include:
– End-to-end encryption for sensitive communications and transactions
– Role-based access control and activity logging
– Secure, redundant off-site backups
– Staff awareness and data protection training
– Firewalls, intrusion prevention systems, and routine monitoring
While no system is completely invulnerable, we take data protection seriously and continuously assess and enhance our security protocols.
7. International Data Transfers
In certain situations, your personal data may be transferred, stored, or processed in countries outside your jurisdiction. We ensure that any such international transfers are conducted in full compliance with applicable privacy laws, including the use of:
– Standard Contractual Clauses approved by the European Commission
– Compliance with the U.S. Privacy Shield frameworks (where applicable)
– Supplemental technical and organizational safeguards
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, or as required by applicable legislation. Below are general retention guidelines:
– Usage and Technical Data: up to 12 months
– Account and Profile Data: for the duration of your account and up to 2 years thereafter
– Communication Data: up to 3 years for record-keeping and service improvement
– Transaction Data: retained as required for financial auditing and legal compliance (typically 7 years)
– Preference Data: until you withdraw your consent or request deletion
9. Cookie Policy
Pathepic.com uses cookies and similar tracking technologies to enhance your user experience and analyze website traffic. Cookies may be categorized as:
– Essential Cookies: Necessary for the operation of the website (e.g., session management).
– Functional Cookies: Remember choices you make (e.g., language or region selection).
– Analytics Cookies: Collect aggregated data about website usage to help us improve performance.
– Performance Cookies: Measure and analyze the traffic and visitor behavior on our website.
We do not use cookies to collect personally identifiable information without consent.
10. Cookie Management and Compliance with GDPR & CCPA
Upon your first visit to pathepic.com, you are prompted to accept or manage your cookie preferences. You may also modify your preferences at any time using our cookie management tool or by adjusting your browser settings.
Under the GDPR and CCPA, users have the right to:
– Be informed about the use of cookies
– Opt-in to non-essential cookies
– Withdraw consent at any time
– Request information about cookie-derived profiles
By continuing to use the website after managing your choices, you agree to the use of cookies as specified.
11. Special Protections for Children
Pathepic.com does not knowingly collect or solicit personal data from children under the age of 13. If we discover that a child under 13 has provided us with personal data without verifiable parental consent, we will promptly delete such data. Parents or legal guardians who believe their child has submitted personal information may contact us at [email protected].
12. Policy Updates and User Notifications
This Privacy Policy may be updated to reflect changes in legal, regulatory, or operational requirements. We will notify users of any material changes via appropriate notice mechanisms, such as direct email notifications (where applicable) or banners on our platform.
It is your responsibility to review this policy periodically. Continued use of pathepic.com after modifications indicates acceptance of the revised terms.
13. Contact
If you have questions about how your personal data is handled or wish to exercise any of your rights, please contact us:
Email: [email protected]
We are committed to full transparency, compliance with data protection laws, and ensuring that you remain in control of your personal data.