Privacy Policy & GDPR Compliance

 

Effective Date: [11.02.2024]

At Arroway Modular Bracelets (AMB), we are committed to safeguarding and respecting your privacy. This Privacy Policy outlines how we collect, process, store, and protect your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable privacy laws. By using our services, you agree to the collection and use of your data as outlined below.

 

1. Who We Are

Arroway Modular Bracelets (AMB) is an online retailer, located in United States of America. If you have any questions or concerns about your data or this Privacy Policy, please contact us using the form here.

 

2. Data We Collect

We collect the following types of personal data from you:

  • Identity Information: Name, username, or similar identifiers.
  • Contact Details: Email address, phone number, and postal address.
  • Transaction Information: Orders, payments, and other transaction-related details.
  • Financial Information: Payment details (e.g., credit card number, billing address).
  • Technical Information: IP address, browser type, operating system, device details, and usage data on our website or services.
  • Marketing Preferences: Your communication preferences regarding promotional materials.

 

3. How We Use Your Data

We use your personal data for the following purposes:

  • To provide and deliver services: To process your orders, fulfill transactions, and manage your customer account.
  • To communicate with you: For customer support, transaction notifications, and marketing communications (if you’ve opted in).
  • For business operations: To improve our products, services, and website based on user feedback and behavior.
  • To comply with legal obligations: Including tax reporting, fraud prevention, and other regulatory requirements.

 

4. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Contractual necessity: To fulfill our contract with you, such as processing orders or providing services.
  • Consent: Where you have given us consent, particularly for marketing communications.
  • Legitimate interest: For purposes like improving our services or detecting fraud, provided these interests do not override your privacy rights.
  • Legal obligations: To meet statutory requirements (e.g., for record-keeping or tax purposes).

 

5. How We Protect Your Data

We take the security of your personal data seriously. We implement appropriate technical and organizational measures to protect your information from unauthorized access, alteration, or loss. However, no system is 100% secure, and we cannot guarantee complete security of your data.

 

6. Sharing Your Data

We may share your personal data with third parties under the following circumstances:

  • Service Providers: We share data with trusted third-party partners, such as payment processors, delivery services, and IT support companies, who help us run our business.
  • Legal Requirements: We may disclose your data when required by law or to protect our rights, safety, or property, or to comply with a judicial proceeding or legal process.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your personal data may be transferred as part of the transaction.

 

7. International Data Transfers

Your data may be transferred to, and processed in, countries outside of the European Economic Area (EEA). If we transfer your data internationally, we will take steps to ensure that adequate safeguards are in place, such as using Standard Contractual Clauses (SCCs) or other approved mechanisms.

 

8. Your Rights Under GDPR

Under the GDPR, you have the following rights concerning your personal data:

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can request that we update or correct inaccurate or incomplete information.
  • Right to Erasure: You can request the deletion of your personal data, subject to certain exceptions.
  • Right to Restriction of Processing: You can request the restriction of processing of your data in certain circumstances.
  • Right to Data Portability: You can request to have your data transferred to another organization in a structured, commonly used format.
  • Right to Object: You can object to the processing of your data for certain purposes, such as direct marketing.
  • Right to Withdraw Consent: You can withdraw your consent to process your data at any time.

To exercise any of these rights, please contact us at here. We aim to respond to your requests within one month, though this may be extended in certain circumstances.

 

9. Data Retention

We will retain your personal data for no longer than necessary to fulfill the purposes for which it was collected, unless a longer retention period is required or permitted by law. After that, we will securely delete or anonymize your data.

 

10. Cookies and Similar Technologies

We use cookies and similar technologies to enhance your experience on our website. You can manage your cookie preferences by adjusting the settings in your browser. For more detailed information, please see our Privacy Policy.

 

11. Complaints

If you believe that we have not adequately handled your personal data, you have the right to lodge a complaint with a supervisory authority in your country. For more information, visit the European Data Protection Board’s website https://edpb.europa.eu/.