Privacy Policy
1. Introduction
At bca12.com (“Website”, “we”, “us”, or “our”), we are firmly committed to safeguarding the privacy of our users (“you”, “your”) and protecting your personal data. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you use our Website. We operate with a privacy-first mindset and comply with applicable data privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all information collected through your interaction with bca12.com, including data provided through our Website or through other communication channels such as email or support inquiries. For the purposes of the GDPR and other relevant data protection laws, bca12.com acts as the data controller with respect to any personal data collected. If you have questions regarding this policy or the handling of your information, you may contact us at: [email protected].
3. Categories of Data We Process
We may collect, use, store, and transfer various categories of personal data about you, including but not limited to:
– Usage Data: Includes information about how you use our Website, such as IP addresses, browser type and version, visited pages, time and date of visits, session duration, and referring URLs.
– Account Data: Includes personal identifiers such as your full name, billing and shipping addresses, email address, and phone number as provided through your user account or order process.
– Profile Data: Includes your preferences, browsing history, feedback, purchase behavior, and product interests when interacting with our Website or services.
– Communication Data: Includes records of your correspondence with us, including support requests, inquiries, customer service communications, and other user-submitted content.
– Technical Data: Includes information related to the device and technology you use to access our Website, such as device identifiers, operating system, browser specifications, and system configurations.
– Transaction Data: Includes details about services you have purchased from us, including order details, payment methods (masked payment card information, payment confirmation), and delivery information.
– Preference Data: Includes your explicit consents, email marketing preferences, product interest selections, and communication settings.
4. Legal Bases for Processing
We only process your personal data when permitted by law. Our legal bases include:
– Contractual Necessity: Where processing is necessary for the performance of a contract with you or to take steps prior to entering into such a contract (e.g., to process purchases or deliver services).
– Legitimate Interests: Where processing is reasonable and necessary for our legitimate business interests, provided it does not override your fundamental rights and freedoms (e.g., analytics to improve the Website experience).
– Consent: Where you have explicitly consented to the processing of your data (e.g., for marketing purposes or use of non-essential cookies). You may withdraw your consent at any time.
– Legal Compliance: Where processing is necessary to comply with our legal obligations or lawful governmental requests.
5. Your Rights
Under applicable data protection laws, you have the following rights, subject to certain conditions and limitations:
– Right of Access: You may request access to the personal data we hold about you.
– Right to Rectification: You may request that incomplete or inaccurate data be corrected.
– Right to Erasure: You may request deletion of your personal information under certain circumstances.
– Right to Restriction: You may request limits on how we process your data.
– Right to Data Portability: You may request a copy of your data in a structured, machine-readable format and request transmission to another controller.
To exercise any of these rights, please email us at [email protected] and include sufficient detail to allow us to verify your identity and respond to your request.
6. Security Measures
We employ a combination of technical, administrative, and organizational security measures to protect your personal information, including:
– Encryption of data in transit and at rest;
– Role-based access control and authentication procedures;
– Regular data backups and disaster recovery safeguards;
– Staff training and confidentiality obligations;
– Routine monitoring and evaluation of systems for vulnerabilities.
While no method of transmission over the internet is entirely secure, we are committed to continual improvements in data protection and incident prevention.
7. International Data Transfers
Your personal data may be transferred to, and processed in, countries outside your jurisdiction, some of which may have different or lower levels of data protection. Where such international transfers occur, we implement appropriate safeguards, including:
– Standard Contractual Clauses approved by the European Commission;
– Data Processing Agreements ensuring the recipient upholds equivalent levels of protection;
– Compliance with local regulations for cross-border data flows.
We ensure all such transfers are conducted in a manner compliant with GDPR and other relevant laws.
8. Data Retention
We retain your personal data only for as long as is necessary to meet the purposes outlined in this Privacy Policy or as required by law or regulation. Retention periods vary by data type:
– Usage Data: Retained for up to 12 months for analytics purposes.
– Account and Profile Data: Retained while the account is active and up to 5 years thereafter.
– Communication Data: Retained for up to 3 years after last communication.
– Transaction Data: Retained for accounting and legal compliance for up to 7 years.
– Preference Data: Retained until consent is withdrawn or data is updated by the user.
Data no longer required is securely erased or anonymized.
9. Cookie Policy
Our Website uses cookies and tracking technologies to enhance user experience. Cookies may be categorized as:
– Essential Cookies: Necessary for core functionality (e.g., session management, login).
– Functional Cookies: Enable site personalization and remember preferences.
– Analytics Cookies: Provide insights into usage patterns to improve performance.
– Performance Cookies: Help optimize speed and responsiveness.
Some cookies are set directly by us, while others may be set by third parties. You can review our full Cookie Policy by accessing the link on our Website’s footer.
10. Cookie Management and GDPR/CCPA Compliance
On your first visit to bca12.com, a cookie banner will prompt you to consent (or not) to the use of specific categories of cookies, except for those strictly necessary. You have the ability to:
– Accept or reject non-essential cookies;
– Revoke consent at any time through cookie settings;
– Use browser settings to block or delete cookies completely.
Our cookie practices are fully aligned with the GDPR and CCPA requirements, giving you control and transparency over your data.
11. Protection of Children’s Data
Our services are not directed at children under the age of 13, and we do not knowingly collect personal data from individuals in this age group. If we are made aware of such collection, we will promptly delete the data from our records and take steps to prevent future collection.
If you believe that bca12.com has inadvertently collected data from a child under 13, please notify us immediately at [email protected].
12. Policy Updates and User Notifications
We reserve the right to update this Privacy Policy to reflect legal, technical, or operational changes. When changes are made, we will update the content on this page and, where appropriate, notify users through the Website or contact information provided. You should periodically review this Privacy Policy to remain informed about our data handling practices.
13. Contact Us
For questions, concerns, or requests related to this Privacy Policy or your personal data, please contact:
Data Protection Officer
Email: [email protected]
We are committed to full compliance with all relevant privacy legislation and encourage you to reach out with any privacy-related concerns.