Privacy Policy - One for Tydeep

OneFortyDeep (“we,” “us,” or “our”) is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy outlines how we collect, use, share, and protect your data when you interact with our website at onefortydeep.com (the “Website”) and any services, products, or communication associated with it. Our approach is rooted in transparency and privacy-first principles, and we process your data in full compliance with the General Data Protection Regulation (“GDPR”), the California Consumer Privacy Act (“CCPA”), and other applicable data protection laws.

1. Scope of Policy and Data Controller Role

This Privacy Policy applies to all personal data collected or processed when you access or use onefortydeep.com or communicate with us. We act as the “data controller” in relation to the personal data that we collect and process, meaning we determine the purpose and means of such processing.

2. Categories of Data Processed

We collect and process the following categories of personal data to operate our Website and provide our services:

a. Usage Data
Information about how you use the Website, including IP address, browser type, operating system, referral URL, device identifiers, session duration, and browsing behavior.

b. Account Data
Information submitted during account creation or order submission, such as your full name, postal address, email address, and phone number.

c. Profile Data
Information related to your purchase history, browsing activities, personal preferences, and user behaviour across the Website.

d. Communication Data
Records of your interactions with us, including customer support requests, chat transcripts, email correspondence, and contact form submissions.

e. Technical Data
Device metadata such as hardware model, operating system version, browser plugins, language settings, and general system configurations.

f. Transaction Data
Information related to purchases including product selections, payment method, transaction amounts, billing details, and delivery information (note: we do not store full credit card numbers).

g. Preference Data
Marketing preferences, communication consents, newsletter participation, and product or service interests as indicated by you.

3. Legal Bases for Processing

We process your personal data lawfully, fairly, and transparently according to the following legal grounds:

– Consent: Where you opt in to receive marketing messages or accept cookies, we rely on your informed and voluntary consent.
– Contractual Necessity: Processing necessary to deliver services, complete transactions, and honor contractual commitments.
– Legitimate Interests: Processing necessary to improve the Website, ensure network security, and communicate effectively, provided such interests do not override your rights.
– Legal Obligation: Where processing is necessary to fulfill a legal or regulatory requirement.

4. Your Rights Under GDPR and CCPA

You are entitled to the following rights concerning your personal data:

– Right of Access: You may request access to the personal data we hold about you.
– Right to Rectification: You may request correction of inaccurate or incomplete data.
– Right to Erasure (“Right to be Forgotten”): You may request deletion of your personal data, subject to legal exceptions.
– Right to Restriction: You can request limited use of your data under certain circumstances.
– Right to Data Portability: You may request a copy of your data in a structured, machine-readable format.
– Right to Object: You may object to specific types of processing such as direct marketing.
– Right Not to Be Discriminated Against: U.S. residents are entitled not to be subject to discriminatory treatment for exercising their rights.

To exercise any of these rights, you may contact us at [email protected].

5. Security Measures

We have implemented robust security safeguards to protect your personal data, including:

– Secure socket layer (SSL) encryption to protect data in transit.
– Role-based access controls and two-factor authentication for internal systems.
– Regular data backups and secure storage practices.
– Staff training on data privacy and cybersecurity best practices.
– Internal protocols to detect, respond to, and mitigate security incidents.

Despite our efforts, no system is completely secure. Users are advised to take care when sharing sensitive information online.

6. International Data Transfers

Your information may be transferred to, or maintained on, servers located outside of your jurisdiction. Where such transfers occur, we implement appropriate safeguards such as Standard Contractual Clauses (SCCs) or rely on adequacy decisions by the European Commission to ensure your data remains protected.

7. Data Retention

We retain personal data only as long as necessary to fulfill the purposes for which it was collected or to comply with legal obligations. Our retention periods are:

– Usage Data: 12 months
– Account and Profile Data: For the duration of your account and up to 3 years post-deletion
– Communication Data: 2 years
– Technical Data: 1 year
– Transaction Data: 7 years (to comply with tax and accounting standards)
– Preference Data: Until you withdraw consent or update settings

We securely delete or anonymize data once retention periods expire.

8. Cookie Policy

We use cookies and similar tracking technologies to enhance your experience on onefortydeep.com. Categories of cookies include:

– Essential Cookies: Necessary for the functioning of the Website (e.g., login, cart, navigation).
– Functional Cookies: Enhance the usability and customization of our interface.
– Analytics Cookies: Help us understand how visitors interact with the Website (e.g., Google Analytics).
– Performance Cookies: Optimize page loading times and error monitoring.

9. Cookie Management and Compliance

In accordance with GDPR and CCPA, we honor your privacy choices by:

– Presenting a clear cookie consent banner upon your first visit.
– Allowing you to accept, reject, or customize cookie preferences.
– Offering opt-out mechanisms for behavioral profiling and analytics.
– Giving California residents the ability to opt out of “sale” of personal information, which includes certain analytics and advertising practices.

You can modify your consent at any time by accessing your cookie settings in your browser or within our cookie management tool.

10. Children’s Privacy

Our Website is not intended for, nor do we knowingly collect personal data from, individuals under the age of 13. If you are a parent or guardian and believe that your child has provided us with personal data, please contact us at [email protected]. We will promptly delete this information in accordance with applicable law.

11. Updates to This Policy

We may amend or update this Privacy Policy at our sole discretion. All substantive changes will be communicated prominently via the Website and/or via email when feasible. We encourage you to review this Privacy Policy periodically to stay informed of our data practices.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, your data, or our privacy practices, please contact:

Email: [email protected]
Website: https://onefortydeep.com

Our commitment to regulatory compliance and user trust is paramount. If you believe your privacy rights have been violated, you also have the right to lodge a complaint with your local data protection authority.

Thank you for trusting OneFortyDeep with your information. We take your privacy seriously and are committed to protecting it.