Privacy Policy for Shopttos.com

1. Introduction

At Shopttos.com, we are committed to safeguarding your personal information and upholding your privacy rights. We consistently implement and maintain comprehensive privacy and data protection principles to ensure that our users’ personal data is collected, stored, and processed securely, transparently, and in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, use, and protect your data when visiting or interacting with our website.

2. Scope of This Policy & Data Controller Role

This Privacy Policy applies to all visitors, users, and others who access Shopttos.com (“the Website”) and related services. For purposes of applicable data protection legislation, Shopttos Solutions, the operator of Shopttos.com, is the designated Data Controller responsible for determining the purposes, conditions, and means of processing any personal data collected on or through the Website.

3. Categories of Data We Process

We may collect and process the following categories of personal data, either directly from you or automatically when you interact with our Website:

– Usage Data: This includes information about how you use Shopttos.com, such as your browser type, IP address, device language, session duration, referring URLs, time zone, and marketing interactions.

– Account Data: If you register for an account with us, we may collect your name, billing and shipping address, email address, and telephone number.

– Profile Data: This encompasses user preferences, shopping behavior, wish lists, purchase history, and data relating to how you interact with the content and features of Shopttos.com.

– Communication Data: We retain records of your interactions with us, such as customer support communications, inquiries submitted via forms, and email correspondence history.

– Technical Data: Includes details on the devices you use to access our Website, such as your hardware model, operating system and version, unique device identifiers, and system configuration settings.

– Transaction Data: Information relating to purchases you make through the Website, including payment information (provided securely via third-party processors), order details, delivery preferences, and invoice history.

– Preference Data: This includes your marketing preferences, product interests, and participation in promotional or survey initiatives.

4. Legal Bases for Processing

Our legal basis for collecting and using the data described above will depend on the specific data and context in which we collect it. Under GDPR, we process personal data on the following bases:

– Consent: Where required, we seek your explicit consent to process data for designated purposes (e.g., marketing emails, cookies).
– Contract: To fulfill our obligations under a contractual agreement with you, such as processing orders and managing your account.
– Legitimate Interest: We may process certain data where we have a legitimate business interest, provided your rights and freedoms are not overridden (e.g., fraud prevention, Website security).
– Legal Obligation: In instances where we are required to retain or disclose data under applicable laws.

For residents of California, we process personal data in compliance with the CCPA using similar lawful bases and mechanisms.

5. Your Rights

Subject to applicable data protection laws, you may exercise the following rights:

– Right of Access: You may request confirmation of whether we hold personal data about you and to access such data.
– Right to Rectification: You may request that we correct or complete inaccurate or incomplete personal data.
– Right to Erasure: Also known as the “right to be forgotten,” you may request deletion of your personal data where it is no longer necessary for the purposes for which it was collected.
– Right to Restrict Processing: You can request that we limit the processing of your personal data under certain circumstances.
– Right to Data Portability: You have the right to receive a structured, commonly used, and machine-readable format of your data and, where technically feasible, to transmit it to another controller.

To exercise any of these rights or submit a verifiable request under the CCPA (e.g., “Do Not Sell My Personal Information”), please contact us at [email protected]. We may require verification of your identity before fulfilling your request.

6. Security Measures

We implement a wide range of technical, administrative, and organizational measures designed to protect your personal data and ensure its confidentiality, integrity, and availability. Measures may include, but are not limited to:

– Encryption of personal data and secure communications (HTTPS/TLS)
– Role-based access control and multi-factor authentication
– Routine system and security patching
– Regular data backups and recovery planning
– Employee training on privacy and data protection protocols

While we strive to use commercially acceptable means to protect your information, no method of transmission over the Internet or method of electronic storage is 100% secure.

7. International Transfers

We may transfer and store your information in jurisdictions outside your region, including countries not deemed to have adequate data protection laws by the European Commission. In such cases, Shopttos.com ensures appropriate safeguards, such as Standard Contractual Clauses (SCCs) or equivalent mechanisms, are in place to protect your data in accordance with European data protection standards.

8. Data Retention

We retain your personal data only as long as necessary to fulfill the purposes outlined in this Policy, including:

– Usage and Technical Data: Retained for up to 12 months for analytics and performance optimization.
– Account and Profile Data: Retained while your account is active and up to 5 years thereafter for legal, tax, and fraud prevention purposes.
– Transaction Data: Retained for 7 years post-transaction for accounting and audit compliance.
– Communication and Preference Data: Retained for 3 years post-interaction, unless longer retention is required by law or consent.

9. Cookie Policy

We use cookies and similar technologies to enhance your browsing experience, analyze our traffic, personalize content, and deliver relevant advertisements. Categories of cookies used on Shopttos.com include:

– Essential Cookies: Necessary for core site functionality such as navigation, authentication, and secure transactions.
– Functional Cookies: Enable enhanced features, such as remembering your preferences and shopping history.
– Performance/Analytics Cookies: Used to gather statistics on user behavior, page views, and feature usage to help improve the Website.
– Marketing Cookies: Set by us or third-party services to build user profiles and deliver relevant advertisements based on your browsing behavior.

10. Cookie Management & Compliance

Upon your first visit to Shopttos.com, we present a consent banner allowing you to accept or manage cookie settings. You may update your preferences at any time through the Cookie Settings within your browser or on our Website. We comply with GDPR’s ePrivacy Directive and CCPA’s “Do Not Track” requirements. California residents may opt out of the sale or sharing of their data via designated mechanisms by contacting us at [email protected].

11. Children’s Privacy

Shopttos.com is not intended for users under the age of 13. We do not knowingly collect, use, or disclose personal information from children without verifiable parental consent. If we become aware that a child under 13 has submitted personal data without appropriate authorization, we will take immediate steps to delete such information from our systems.

12. Policy Updates

We reserve the right to modify or update this Privacy Policy to reflect changes in our practices, technology, legal requirements, or other operational reasons. While we will endeavor to notify users of significant changes where feasible, we recommend reviewing this policy periodically. Continued use of Shopttos.com constitutes acknowledgment of any changes.

13. Contact Us

If you have any questions, concerns, or requests relating to this Privacy Policy, your personal data, or our practices related to privacy and data protection, you may contact us via:

Email: [email protected]

We are committed to protecting your privacy and upholding transparency in how your data is managed. Should you have concerns about your rights or privacy under GDPR, CCPA, or other data protection laws, we encourage you to reach out.