Privacy Policy

1. Introduction

At evensister.com (“we,” “our,” or “us”), we are firmly committed to safeguarding the privacy and security of our users’ personal data. This Privacy Policy outlines how we collect, use, disclose, and protect your personal information in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable privacy laws. We prioritize transparency, security, and accountability in all data handling practices to ensure your trust in our services.

2. Scope of This Policy and Data Controller Role

This Privacy Policy applies to all personal data collected through evensister.com, including through its services, features, content, and communications. For purposes of applicable data protection laws, evensister.com is the “data controller,” meaning we determine the purposes and means of processing your personal information. Any third-party websites linked to or from evensister.com are not governed by this Privacy Policy.

3. Categories of Data We Process

We process the following categories of personal data:

a) Usage Data
Includes data such as IP address, browser type and version, geolocation, time zone settings, pages visited, referring/exit URLs, clickstream data, and session timings. This data helps us understand user interactions and optimize website performance.

b) Account Data
Includes your name, mailing address, email address, phone number, and any other data provided during sign-up or account creation.

c) Profile Data
Includes preferences, browsing history on evensister.com, wishlists, saved items, prior purchases, feedback, and behavioral data collected when interacting with our services.

d) Communication Data
Includes the content of your correspondence with us, your interaction history with customer support or feedback forms, and any requests submitted through our contact mechanisms.

e) Technical Data
Includes device information, operating system, screen resolution, mobile device identifiers, system configurations, and diagnostic data derived from system logs.

f) Transaction Data
Includes details regarding payments made via our platform, including payment method, billing and shipping addresses, and delivery or fulfillment status.

g) Preference Data
Includes marketing preferences, language selections, communication frequency settings, and other indicators of your product interests or engagement.

4. Legal Bases for Processing

We process your personal data under the following legal bases defined in the GDPR and mirrored in CCPA expectations where applicable:

– Performance of a contract: when the data is necessary to fulfill a service or transaction you have requested.
– Consent: where you have explicitly given us permission, such as for receiving marketing communications.
– Legal obligation: where processing is required to comply with laws or enforce legal rights.
– Legitimate interests: for internal administrative purposes, fraud detection, website improvement, or analytics, where such interests are not overridden by your privacy rights.

5. Your Data Protection Rights

Under the GDPR and the CCPA, you have the following rights:

– Right of Access: You may request access to the personal data we hold about you.
– Right to Rectification: You may request that we correct inaccurate or incomplete data.
– Right to Erasure (“Right to Be Forgotten”): You may request that we delete your personal information.
– Right to Restriction: You may request that we restrict processing under certain conditions.
– Right to Data Portability: You have the right to receive your personal data in a structured, commonly used format and transmit it to another controller.
– Right to Object: You may object to certain types of processing, including direct marketing and profiling.
– Right Not to Be Subject to Automated Decision-Making: We do not engage in automated decision-making that significantly affects you without human involvement.

To exercise your rights, you may contact us at [email protected].

6. Security Measures

We implement and maintain appropriate technical and organizational security measures to protect your personal data against unauthorized access, disclosure, alteration, or destruction. These include:

– End-to-end encryption for data transmission.
– Role-based and limited access to personal data.
– Regular backups and failover protocols.
– Staff training in data protection and privacy procedures.
– Continuous monitoring for security vulnerabilities.

7. International Data Transfers

Your information may be transferred to, stored in, or accessed from jurisdictions outside your own, including countries outside the European Economic Area (EEA). Where we transfer data internationally, we do so in accordance with lawful mechanisms such as Standard Contractual Clauses (SCCs), adequacy decisions, or other frameworks compliant with GDPR and other relevant laws.

8. Data Retention

We retain personal data only for as long as necessary for the purposes for which it is collected, including any legal, accounting, or reporting obligations. Specific retention periods include:

– Usage Data: up to 26 months for analytics purposes.
– Account Data: retained for the duration of account existence and up to 6 years thereafter for compliance.
– Transaction Data: retained for 7 years per tax and audit requirements.
– Communication Data: retained for 3 years from the date of last interaction.
– Preference Data: retained until consent is withdrawn or becomes obsolete.

9. Cookie Policy

evensister.com uses cookies and similar technologies for a range of purposes:

– Essential Cookies: Required for site operation and core functionality (e.g., shopping cart, login).
– Functional Cookies: Enable improved functionality and personalization (e.g., remembering language or region).
– Analytics Cookies: Collect aggregate data about how users interact with our website to improve usability.
– Performance Cookies: Help improve website speed and service reliability based on system metrics.

No cookies will collect personally identifiable information unless you have provided it elsewhere and consented to linking cookies with identifiable data.

10. Cookie Management & Legal Compliance

We provide a Cookie Consent Banner when you first access evensister.com, complying with GDPR, CCPA, and similar regulations. Users can customize or withdraw cookie preferences at any time via the cookie settings manager, accessible from the website footer.

California residents may further opt out of the “sale” of personal data (as defined under the CCPA) by using the “Do Not Sell My Personal Information” link on our website.

11. Special Protections for Children

evensister.com does not knowingly collect or solicit personal information from children under the age of 13. If we become aware that such data has been collected without verified parental consent, we will take immediate steps to delete the data and disable any associated account.

12. Policy Updates

We reserve the right to update this Privacy Policy to reflect legal, operational, or technological changes. Such updates will be published on evensister.com, and we will notify users where materially required by applicable law. You are encouraged to review this page periodically.

13. Contact Us

If you have questions about this Privacy Policy or our privacy practices, or wish to exercise your data protection rights, please contact:

Email: [email protected]
Website: https://evensister.com

We are committed to complying with all applicable privacy regulations and working transparently with users to address any data protection concerns.