Privacy Policy for opshiloh.com

1. Introduction: Our Commitment to Privacy and Data Protection

At opshiloh.com (“we,” “our,” or “us”), we are committed to protecting the privacy and personal data of visitors, customers, and users (“you” or “your”) of our website and services. We respect your right to privacy and are committed to ensuring that your personal information is handled in a secure and transparent manner in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

This Privacy Policy outlines the nature of the data we collect, how it is used, your rights regarding your data, and the steps we take to safeguard it.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all personal information processed by opshiloh.com through your use of our website and associated services. opshiloh.com acts as the Data Controller as defined under the GDPR with respect to personal data collected directly from you.

By accessing our website or providing your personal information, you consent to the practices described in this Privacy Policy to the extent permitted by law.

3. Categories of Data We Process

We collect and process the following categories of personal data:

A. Usage Data:
Includes data related to how you interact with our website, such as IP address, browser type, operating system, referring URLs, session duration, and website navigation paths.

B. Account Data:
Includes identity and contact details such as your name, email address, billing and shipping address, and phone number.

C. Profile Data:
Encompasses preferences, purchase history, reviews, behavioral actions taken on our website, and account settings.

D. Communication Data:
Includes your correspondence with our support team, submitted forms, and historical records of customer service interactions.

E. Technical Data:
Covers device identifiers, browser plug-ins, time zone settings, system configuration settings, and other similar diagnostic data.

F. Transaction Data:
Includes payment method details (processed via compliant third-party payment processors), order histories, shipping tracking, and billing records.

G. Preference Data:
Covers your preferences in receiving marketing communications, product interests, and frequency of contact.

4. Legal Bases for Processing

We process your personal data under the following lawful bases:

– Consent: Where you have explicitly given permission for specific types of data processing (e.g., subscribing to marketing emails).
– Contractual Necessity: To process transactions, deliver services, and manage user accounts.
– Legitimate Interest: For purposes such as fraud prevention, website improvements, customer support, and securing our platform, provided that such interests are not overridden by your rights and interests.
– Legal Obligation: To comply with applicable legal and regulatory requirements.

5. Your Rights Under GDPR and CCPA

You have a number of rights under data protection law, which may vary depending on your location. These include:

– Right of Access: To request a copy of the personal data we hold about you.
– Right to Rectification: To correct inaccurate or incomplete data.
– Right to Erasure: To request deletion of your personal data in certain circumstances.
– Right to Restriction: To ask us to suspend the processing of your data.
– Right to Data Portability: To receive your data in a structured, commonly used, and machine-readable format or request we transfer it directly to a third party.
– Right to Object: To object to how we process your data where applicable, including for direct marketing.
– Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.

To exercise any of the above rights, please contact us at [email protected].

6. Security Measures

We implement appropriate technical and organizational measures to ensure the confidentiality, integrity, and availability of your personal data. These measures include:

– Data encryption during transit and at rest;
– Role-based access controls;
– Secure authentication protocols;
– Regular security audits and vulnerability testing;
– Staff training in data protection and privacy principles;
– Frequent, encrypted backups for data loss prevention.

While we take all reasonable precautions, no method of internet transmission or electronic storage is completely secure. We encourage users to take similar precautions in safeguarding personal information.

7. International Data Transfers

If you are located outside the country from which our servers operate, your data may be transferred to and processed in jurisdictions not recognized as providing an equivalent level of data protection. Where applicable, we implement Standard Contractual Clauses and other adequacy mechanisms approved by the European Commission and U.S. authorities to ensure appropriate safeguards are in place.

8. Data Retention

We retain your data for as long as is necessary for the purposes set out in this policy, subject to legal obligations or enforcement considerations. Retention periods include:

– Account and Profile Data: Retained for the duration of your account and up to 2 years after account closure.
– Transaction and Communication Data: Retained for 7 years to comply with financial regulations.
– Technical and Usage Data: Retained for up to 26 months for analytics and system troubleshooting.

Anonymized data may be retained indefinitely.

9. Cookie Policy

Cookies are small text files stored on your device to improve website function, performance, and user experience. We use the following types of cookies:

– Essential Cookies: Required for basic site functionality and user authentication.
– Functional Cookies: Remember site preferences and user-selected options.
– Analytics Cookies: Help us understand traffic patterns, usage behavior, and system performance.
– Performance Cookies: Measure the effectiveness of pages, features, or marketing efforts.

10. Cookie Management and Compliance

We provide users with a Cookie Consent Tool upon first visit, allowing granular control over optional cookies in compliance with GDPR and CCPA. Users can withdraw consent or change preferences at any time via the cookie settings link in the website footer.

Browser settings can also be adjusted to manage or restrict cookie usage. Please note that disabling certain cookies may impair website functionality.

11. Children’s Privacy

Our services are not directed toward persons under the age of 13. We do not knowingly collect or solicit data from children. If we become aware of data collected from a minor without parental consent, we will take reasonable steps to promptly delete such data. Parents or legal guardians concerned about their child’s data may contact us at [email protected].

12. Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in legal requirements, business practices, or service offerings. All such changes will be posted on opshiloh.com, and where material, we will provide notice or obtain consent as required by law. Continued use of our services following such updates constitutes acceptance of the updated terms.

13. Contact Us

For any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please contact:

Email: [email protected]

We are committed to upholding your privacy rights and ensuring the lawful and transparent processing of your personal information. If you have any privacy-related inquiries or wish to make a complaint, we encourage you to reach out to us directly.

Compliance Assurance

Your trust is important to us. opshiloh.com complies with the GDPR, the CCPA, and all applicable data protection laws and best practices. For any further clarification regarding your data, please contact us at the email provided above.