Privacy Policy
1. Introduction
At nappies2go.com, we are committed to safeguarding your personal data and upholding your privacy rights. We believe in a privacy-first approach and ensure that all information collected is handled with the highest standards of security and transparency. Whether you’re browsing our site or transacting through our platform, you can trust that your privacy is protected in accordance with global data protection frameworks, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of nappies2go.com and governs all processing activities involving personal data collected through our website, including but not limited to browsing, shopping, account registration, and customer communications.
Nappies2Go is the data controller for the purposes of applicable data protection legislation. As the data controller, we determine the purposes and means of processing your personal data. Any inquiries regarding how your data is handled should be sent to [email protected].
3. Categories of Data Processed
We may collect and process the following types of personal information:
a. Usage Data
Information relating to your interaction with nappies2go.com, including browser type and version, IP address, time zone setting, session duration, device identifiers, and site navigation paths.
b. Account Data
Details you provide when signing up or placing an order, including your full name, billing and shipping addresses, email address, and phone number.
c. Profile Data
Information linked to your shopping behavior, purchase history, interests, saved products, and user preferences.
d. Communication Data
Records of correspondence with our customer support team, including emails, chat sessions, and any follow-up messages.
e. Technical Data
Device-related information such as operating systems, browser plug-in types and versions, screen resolution, and system configurations.
f. Transaction Data
Data associated with your purchases, including payment method (last four digits only, for reference), transaction date and amount, and delivery tracking information.
g. Preference Data
Your responses to marketing communications, language selections, newsletter subscriptions, product interest settings, and consent records.
4. Legal Bases for Processing
We rely on multiple legal grounds to collect and use your personal data, depending on the context:
– Consent: When you provide us explicit permission, such as subscribing to newsletters or accepting marketing cookies.
– Contractual Necessity: When processing is essential to fulfill a contract with you, such as shipping an order.
– Legitimate Interests: When processing is necessary for our business operations and does not override your rights, including fraud prevention, site security, and customer service improvement.
– Legal Obligation: When we are required to process your data by law, such as tax reporting obligations.
5. Your Rights
You have the following rights regarding your personal data, subject to certain conditions:
– Right of Access: You may request copies of your personal data.
– Right to Rectification: You may request corrections to inaccurate or incomplete data.
– Right to Erasure (“Right to be Forgotten”): You may ask us to delete your personal data.
– Right to Restriction: You may request that we suspend processing of your data in certain situations.
– Right to Data Portability: You may request to receive your data in a structured, machine-readable format and have it transmitted to another controller.
To exercise your rights, please contact us at [email protected]. Verification of identity may be required before honoring requests.
6. Security Measures
We implement appropriate technical and organizational measures to protect your data, including:
– End-to-end encryption of sensitive information
– Role-based access control and authorization procedures
– Regular backups and secure storage
– Staff training on data security and privacy protocols
– Ongoing vulnerability assessments
7. International Transfers
Should your personal data be processed or accessed from regions outside your country of residence, we ensure such transfers comply with legal safeguards. For users in the EU/EEA, we rely on Standard Contractual Clauses approved by the European Commission and ensure that third-party processors adhere to equivalent data protection standards.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes described in this policy. Specific retention periods include:
– Account and Profile Data: Retained for the lifetime of the account and up to 2 years post-deletion.
– Transaction Data: Retained for 7 years to comply with legal and accounting obligations.
– Communication Data: Retained for 2 years for customer service follow-up and training.
– Technical and Usage Data: Retained for 12 months unless needed longer for security purposes.
9. Cookie Policy
Cookies are small files placed on your device to improve the functionality and performance of our services. We use the following categories:
– Essential Cookies: Necessary for website operation, such as shopping cart functionality.
– Functional Cookies: Enable enhanced features like remembering preferences.
– Analytics Cookies: Collect aggregated data to understand traffic and usage patterns.
– Performance Cookies: Help monitor and improve the speed and experience of the website.
10. Cookie Management and Compliance
When you visit nappies2go.com, you are given the option to manage your cookie preferences in compliance with GDPR and CCPA. You may withdraw consent or adjust settings at any time using our cookie consent manager or by adjusting your browser preferences. For California residents, cookie identifiers may qualify as personal information under the CCPA, and we respect the right to opt-out of “sale” of personal data as defined by law.
11. Special Protections for Children
We do not knowingly collect personal data from children under the age of 13. If we become aware that a child has provided us with personal data without verified parental consent, we will take appropriate steps to delete such information. Parents or guardians who believe their child has submitted personal data to nappies2go.com should contact us promptly at [email protected].
12. Policy Updates and User Notifications
We may modify this Privacy Policy when necessary to reflect changes in legislation, technology, or business practices. Any updates will be published on nappies2go.com, and material changes will be communicated through appropriate channels. Your continued use of the website constitutes acceptance of the updated policy.
13. Contact Us
If you have any questions concerning this Privacy Policy, the data we hold on you, or if you would like to exercise one of your data rights, please contact our Data Protection Officer at:
Email: [email protected]
We are committed to compliance with all applicable privacy laws and encourage you to reach out to us with any concerns or requests regarding your personal information or data protection practices.