Privacy Policy for necromorphous.com
1. Introduction
At necromorphous.com, we value and prioritize your privacy and the protection of your personal data. As a responsible data controller, we are committed to safeguarding the confidentiality, integrity, and availability of all personal information in compliance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act of 2018 (“CCPA”), as amended. This Privacy Policy sets forth our practices concerning how we collect, use, disclose, and protect your personal data in connection with your use of our website and services.
2. Scope of the Policy and Data Controller Role
This Privacy Policy applies to all users who access or interact with necromorphous.com. The entity responsible for the processing of personal data (the “Data Controller”) is Necromorphous, which operates the website necromorphous.com. For all inquiries relating to the processing of personal data, you may contact us at [email protected].
3. Categories of Personal Data Processed
We collect and process the following categories of personal data, depending on your interactions with our website:
a. Usage Data
This includes information such as your IP address, browser type and version, operating system, referral URLs, pages visited, session duration, and other diagnostic data gathered via log files and analytics tools.
b. Account Data
This includes information you provide when creating an account, such as full name, email address, physical address, phone number, and account credentials.
c. Profile Data
This includes your preferences, purchase history, account settings, behavior on the site, and social media identifiers if voluntary provided.
d. Communication Data
This includes any correspondence you send to us, including messages submitted via contact forms, email communications, support inquiries, or customer service interactions.
e. Technical Data
Device-specific details such as your hardware model, device identifiers, operating system version, unique device identifiers, screen resolution, and system configuration settings.
f. Transaction Data
This includes payment information, billing/shipping details, order history, and associated metadata for transactional records.
g. Preference Data
This includes your communication choices, marketing consents, product or content interests, and preferences provided through surveys or account settings.
4. Legal Bases for Processing
We rely on the following lawful bases for processing your personal data:
– Consent: For the use of non-essential cookies, direct marketing, or other processing activities that require your prior permission.
– Contractual Necessity: To fulfill obligations arising from contracts entered into with you, including account management and order fulfillment.
– Legitimate Interests: To enhance website functionality, improve services, conduct analytics, prevent fraud, and ensure network and information security provided such processing does not override your rights.
– Legal Obligation: To comply with our legal and regulatory obligations.
5. Your Rights
You have the following rights under data protection laws:
– Right of Access: To obtain confirmation as to whether your personal data is being processed and access to such data.
– Right to Rectification: To correct inaccurate or incomplete information.
– Right to Erasure: To request deletion of your personal data in specific circumstances, commonly known as “the right to be forgotten.”
– Right to Restriction of Processing: To limit the use of your data in certain cases.
– Right to Data Portability: To receive your personal data in a structured, commonly used, and machine-readable format, and to transfer that data to another controller where applicable.
– Right to Object: To object to processing based on legitimate interests or direct marketing.
To exercise any of the above rights, please contact us at [email protected].
6. Security Measures
We implement appropriate technical and organizational measures to protect your personal data including, but not limited to:
– Encryption of data in transit and at rest
– Role-based access control and authentication protocols
– Firewalls and endpoint protection systems
– Regular backups and data recovery protocols
– Ongoing employee data privacy training and awareness programs
While we take serious efforts to safeguard your data, no system can be guaranteed to be completely secure.
7. International Transfers
Your personal data may be transferred to, and processed in, countries outside your own jurisdiction. In such cases, we implement appropriate safeguards, including the use of Standard Contractual Clauses approved by the European Commission and other legal mechanisms recognized by applicable data protection laws to ensure an adequate level of data protection.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy, subject to legal, tax, accounting, or regulatory requirements. Retention periods are defined as follows:
– Usage Data: Up to 12 months unless aggregated or anonymized sooner.
– Account and Profile Data: For the duration of the user relationship and up to 7 years after termination.
– Communication Data: 3 years from last contact.
– Transaction Data: 7 years to meet financial and tax obligations.
– Preference Data: Until consent is withdrawn or profile is deleted.
We anonymize or securely delete data after the retention period expires.
9. Cookie Policy
necromorphous.com uses cookies and similar technologies to enhance user experience. Cookies fall into the following categories:
– Essential Cookies: Necessary for site functionality, such as authentication and navigation.
– Functional Cookies: Enhance performance and support usability features such as remembering preferences.
– Analytics Cookies: Collect aggregate usage and visitor behavior data to improve website content and user experience.
– Performance Cookies: Monitor site performance and error reporting to ensure optimal operation.
10. Cookie Management and Compliance
In accordance with GDPR and CCPA, consent is obtained prior to the placement of non-essential cookies. You may manage your cookie preferences via the cookie consent tool available on necromorphous.com or adjust settings in your browser. Users may opt-out of data sharing with third-party analytics providers through built-in browser mechanisms or through tools offered by platforms such as Google Analytics.
11. Protection of Children’s Data
necromorphous.com is not intended for children under the age of 13. We do not knowingly collect or solicit personal data from children under 13. If we learn that we have inadvertently collected such data, we will promptly delete it. Parents or legal guardians who suspect that a child has submitted data without their consent should contact us via [email protected].
12. Updates to This Policy
We may update this Privacy Policy from time to time to reflect changes in technology, legal requirements, or our practices. We will notify users of material changes through our website or by direct communication where required. Your continued use of necromorphous.com indicates your acceptance of the current version of the Privacy Policy.
13. Contact Us
If you have any questions, concerns, or requests relating to this Privacy Policy or the way we handle your personal data, please contact us at:
Email: [email protected]
We are committed to full compliance with the GDPR, CCPA, and all applicable data protection laws. Your privacy is our priority, and we are here to support and uphold your rights at all times.