Privacy Policy for Infolab21.com
1. Introduction
At Infolab21.com, we are committed to protecting your personal data and your right to privacy. This Privacy Policy aims to inform you about how we collect, use, disclose, and protect your information, in full compliance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable privacy laws. We uphold the principles of fairness, transparency, accountability, and privacy by design and default in all of our data processing activities.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all users and visitors of Infolab21.com and covers how we process personal data whether collected through the website, electronic communications, direct interactions, or other linked services.
Infolab21.com acts as the data controller for the purposes of GDPR, meaning we determine the purposes and means of the processing of personal data collected through our site. For residents covered by the CCPA, this policy also outlines how we collect, use, disclose, and secure the personal information of California consumers.
If you have any concerns or inquiries regarding data processing, contact us at [email protected].
3. Categories of Personal Data We Process
We process various categories of personal data depending on how you interact with Infolab21.com. These categories include:
– Usage Data: IP address, browser type, browsing activity, page visits, referral sources, session metadata, log files.
– Account Data: Name, email address, postal address, phone number, username, account credentials.
– Profile Data: User behavior, saved items, interest areas, previous purchases, reviews, or survey responses.
– Communication Data: Records of contact with customer service or support, feedback submissions, email correspondence.
– Technical Data: Device model, operating system, browser settings, connection times, mobile data identifiers, cookies.
– Transaction Data: Payment history, billing details, delivery addresses, order confirmations, refunds.
– Preference Data: Marketing communication preferences, opt-in/opt-out consents, personal interests, language settings.
4. Legal Bases for Processing Personal Data
We process your personal data only when there is a valid legal basis under applicable law, including:
– Consent: When you voluntarily provide data or explicitly agree to processing, e.g., for newsletters or marketing.
– Contractual Necessity: When processing is required to fulfill a contract with you, such as account registration or purchases.
– Legal Obligations: When we are required to process data to comply with legal or regulatory obligations.
– Legitimate Interests: When necessary for our legitimate business interests, provided your privacy rights are not overridden. This includes analytics, service improvement, fraud prevention, and security.
5. Your Rights
As a data subject, you have the following rights under applicable data protection laws:
– Right to Access: You can request a copy of the personal data we hold about you.
– Right to Rectification: You may correct or update your personal data if inaccurate or incomplete.
– Right to Erasure: You can request deletion of your data under specific circumstances.
– Right to Restrict Processing: You can request limitation of data processing in certain cases.
– Right to Data Portability: You are entitled to receive your data in a structured, commonly used, machine-readable format.
– Right to Object: You may object to processing based on legitimate interests or direct marketing.
– Right to Withdraw Consent: Where processing is based on consent, it may be withdrawn at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We have implemented technical and organizational safeguards to ensure the integrity, availability, and confidentiality of your personal data. These include:
– Data encryption in transit and at rest.
– Firewalls and secure access management protocols.
– Regular data backups and disaster recovery practices.
– Role-based access controls and staff data protection training.
– Security assessments and vulnerability monitoring.
While no system can guarantee absolute security, our measures are designed to mitigate risks and safeguard your data against unauthorized access, disclosure, alteration, or loss.
7. International Data Transfers
Your personal data may be processed outside your country of residence, including in jurisdictions that may not provide the same level of data protection. When we transfer data outside the EU or EEA, we use approved mechanisms such as Standard Contractual Clauses, adequacy decisions, or other lawful safeguards to ensure a comparable level of protection.
Where required under the CCPA, we implement appropriate data processing agreements with service providers and demand equivalent confidentiality and security obligations from third parties.
8. Data Retention
We retain personal data only as long as necessary to fulfill the purposes outlined in this Privacy Policy. Retention periods vary depending on the category of data and applicable legal obligations:
– Usage and Analytics Data: 12 months
– Account and Profile Data: Active duration of account plus 24 months
– Communication Records: 36 months from last interaction
– Transaction and Billing Records: 7 years to comply with tax and accounting laws
– Marketing Preferences: Retained until the user withdraws consent or unsubscribes
When personal data is no longer necessary, we securely delete or anonymize it in accordance with our data retention protocols.
9. Cookie Policy
Infolab21.com uses cookies and similar tracking technologies to enhance user experience and gather insights about site usage. Categories of cookies we use include:
– Essential Cookies: Necessary for core functionality such as login and navigation.
– Functional Cookies: Remember your preferences and settings to improve usability.
– Performance Cookies: Collect anonymous data for assessing website performance and user interactions.
– Analytics Cookies: Provide statistical insights on usage patterns through tools like Google Analytics.
10. Cookie Management and Compliance
You have control over non-essential cookies and may manage preferences via our cookie banner or browser settings. Where required by GDPR, we obtain your explicit consent before placing non-essential cookies. For US residents, including California, cookie usage is disclosed transparently through our Do Not Sell or Share My Personal Information interface, in accordance with the CCPA.
You may opt out of analytics or targeted marketing cookies at any time through cookie settings or browser extensions. Please note that disabling certain cookies may impact site functionality.
11. Children’s Privacy
Infolab21.com does not knowingly collect personal data from children under 13 years of age. If we become aware that a child under 13 has provided us with personal data, we will take steps to delete such information immediately. Parents or legal guardians who believe their child has submitted data to us may contact us at [email protected].
12. Policy Updates and User Notifications
We reserve the right to update this Privacy Policy as necessary to reflect legal, technical, or organizational changes. If we make material changes that affect your rights or the way we process your information, we will provide appropriate notice via email, banners, or other prominent communications on Infolab21.com.
You are encouraged to review this policy periodically to stay informed about how we protect your data.
13. Contact Information
If you have any questions, concerns, or requests related to this Privacy Policy or our data practices, you can contact us at:
Email: [email protected]
Website: https://infolab21.com
We are committed to ensuring compliance with all applicable data protection laws and empowering you to maintain control over your personal data.