Privacy Policy for CareRustic.com

1. Introduction

At CareRustic.com, we are committed to protecting your privacy, securing your personal data, and upholding your rights under applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or engage with our services. We prioritize transparency, data minimization, and user control in all our practices relating to personal data.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all users and visitors accessing CareRustic.com and interacting with CareRustic’s services. For the purposes of GDPR and relevant data protection legislation, CareRustic is the “Data Controller” responsible for determining the purposes and means of processing your personal data. Questions or concerns about our privacy practices should be directed to our team at [email protected].

3. Categories of Data We Process

We collect various categories of personal data to provide and improve our services. These categories include:

– Usage Data: Information about how you navigate and interact with CareRustic.com, such as browser type, IP address, access timestamps, pages visited, referring URLs, and session durations.

– Account Data: Details you provide when creating or managing an account, including your full name, billing and shipping address, email address, and telephone number.

– Profile Data: Information linked to your preferences on the website, prior purchases, behavior patterns, and saved settings.

– Communication Data: Correspondence and support interactions, including emails, live chat transcripts, contact form submissions, and support tickets.

– Technical Data: Device type, operating system, browser configurations, screen resolution, and other system-level identifiers.

– Transaction Data: Information related to your purchases, including payment method details (processed securely), order history, delivery address, and billing confirmations.

– Preference Data: Marketing communication preferences, newsletter opt-ins, product interest indicators, and consent signals.

4. Legal Bases for Processing

We rely on several legal bases to process your data in accordance with Article 6 of GDPR:

– Contractual Necessity: When processing is required to fulfill a contract with you, such as completing purchases, delivering services, or maintaining your account.

– Legitimate Interest: For business purposes such as improving service delivery, preventing fraud, maintaining security, or analyzing user trends, provided your fundamental rights do not override these interests.

– Consent: Where we request and obtain your clear, informed permission, particularly for marketing communications and non-essential cookies.

– Legal Obligations: Where processing is mandated by law or legal proceedings.

5. Your Rights

In accordance with GDPR and CCPA, you have the following rights over your personal data:

– Right of Access: You may request access to the personal data we hold about you.

– Right to Rectification: You can request corrections to inaccurate or incomplete data.

– Right to Erasure: You can request the deletion of your personal data under certain circumstances.

– Right to Restriction: You may request temporary suspension of data processing under specific conditions.

– Right to Portability: You have the right to request transfer of your data to another controller in a structured, commonly used format.

– Right to Withdraw Consent: Where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of prior activities.

– Right to Object: Residents of California may request to opt-out of the “sale” or “sharing” of their data, as defined under the CCPA.

To exercise any of these rights, please contact us at [email protected].

6. Security Measures

We implement appropriate technical and organizational safeguards to ensure a high level of data protection, including:

– End-to-End Encryption: Personal data is encrypted in transit (SSL/TLS) and at rest where applicable.

– Access Controls: Only authorized personnel have access to systems housing personal data.

– Data Backups: Secure backups are performed regularly to ensure data integrity and recovery.

– Staff Training: All personnel receive training on data security, handling, and awareness.

Despite our security efforts, no transmission or storage system is absolutely secure. Users share data at their own risk.

7. International Transfers

If your personal data is processed outside the European Economic Area or California, we take required steps to ensure adequate protection is in place. These include the adoption of Standard Contractual Clauses approved by the EU Commission and adherence to regional data transfer frameworks where applicable.

8. Data Retention

We retain personal data only as long as necessary for the purposes set out in this Policy:

– Usage Data: Up to 12 months

– Account Data: While accounts remain active or as required for verification and legal obligations

– Profile Data: Up to 24 months of inactivity or upon request for deletion

– Communication Data: Retained for 3 years for customer service reference and legal accountability

– Technical Data: Up to 6 months for operational security purposes

– Transaction Data: Retained for 7 years for compliance with financial and tax regulations

– Preference Data: Remains until consent is withdrawn or modified

Upon expiration, data is securely deleted, de-identified, or anonymized.

9. Cookie Policy

CareRustic.com uses cookies and related tracking technologies to enhance user experience. Categories of cookies used include:

– Essential Cookies: Necessary for site functionality and core operations (e.g., authentication, cart storage)

– Functional Cookies: Enable site personalization and user preference retention

– Analytics Cookies: Provide metrics on visitor behavior to inform site optimization (e.g., Google Analytics)

– Performance Cookies: Improve site speed and responsiveness through load balancing and caching

10. Cookie Management and Compliance

By using CareRustic.com, you are presented with the option to manage your cookie choices. In compliance with GDPR and CCPA, we operate a consent management platform that allows users to accept or decline non-essential cookies. California residents may further exercise their right to opt-out of data sharing categorized as “selling” under CCPA via designated notices on the site.

To manage your preferences, use the “Cookie Settings” link available in the website footer. You may also control cookies through your browser settings.

11. Special Protections for Children

CareRustic.com does not knowingly collect or solicit personal data from children under the age of 13. If we learn that we have inadvertently collected information from a child, we will take immediate steps to delete such data. Parents or guardians who believe their child’s information has been submitted inadvertently may contact us at [email protected] to request deletion.

12. Updates to This Privacy Policy

This Privacy Policy may be revised periodically to reflect changes in legal, operational, or technological practices. Users will be notified of material modifications via announcements on CareRustic.com or through email if applicable. Continued use of the website after changes signifies consent to the updated practices.

13. Contact Information

If you have questions, complaints, or requests concerning this Privacy Policy or your personal data, please contact us at:

Email: [email protected]
Website: https://www.carerustic.com

We are committed to data protection compliance and encourage users to reach out with any concerns related to privacy.