Privacy Policy
1. Introduction
At RiftTrek (“we,” “us,” or “our”), available at rifttrek.com, we are strongly committed to safeguarding your personal data and respecting your privacy. This Privacy Policy outlines our dedication to maintaining the confidentiality, integrity, and lawful processing of your personal information. We are committed to upholding the highest standards of data protection as required under applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope and Data Controller
This Privacy Policy applies to all users who visit or interact with the rifttrek.com website and related services. RiftTrek operates as the data controller, which means we determine the purposes and means of processing your personal data. If you have any questions about this policy or how your information is used, please contact us at [email protected].
3. Categories of Data Processed
We collect and process the following categories of personal data, depending on your engagement with our services:
a. Usage Data
Includes information such as your IP address, browser type, pages visited, time spent on pages, links clicked, and referring URLs. This data helps us improve website functionality and analyze traffic trends.
b. Account Data
Personal information provided when you register or create an account, including your full name, email address, postal address, and phone number.
c. Profile Data
Comprises your preferences, purchase history, wishlists, browsing behavior, and any other information you submit to personalize your user experience on rifttrek.com.
d. Communication Data
Includes records of communication you send to us such as customer support inquiries, complaint submissions, or any contact history via our support channels.
e. Technical Data
Details about your device, its configuration, operating system, browser, language settings, screen resolution, and other technical identifiers that may be automatically collected during your use of the site.
f. Transaction Data
Data related to purchases, such as payment card information (processed via secure third-party providers), order fulfillment details, shipping addresses, and billing contacts.
g. Preference Data
Includes information about your marketing preferences, product interests, opt-in/out choices, and responses to promotions or surveys.
4. Legal Bases for Processing
Under GDPR, we rely on the following legal bases for processing your personal data:
– Contractual Obligations: Where processing is necessary for providing a product or service you have requested.
– Legitimate Interests: For operational needs such as fraud prevention, network and information security, or improving our services—balanced with your fundamental rights and freedoms.
– Consent: Where we rely on your clear authorization, such as for sending marketing communications or placing certain cookies.
– Legal Compliance: Where processing is necessary to meet our legal obligations.
Under the CCPA, we process personal information in accordance with consumer rights, including notice at collection, the right to know, and the right to delete, restrict, or opt out of specific data sales or disclosures.
5. Your Rights
Subject to applicable law, you have the following rights regarding your personal information:
– Right of Access: You may request details of the personal data we hold about you.
– Right to Rectification: You are entitled to correct any incomplete or inaccurate data we have about you.
– Right to Erasure: You may ask us to delete your data, subject to certain legal grounds.
– Right to Restriction: You can request we limit the processing of your personal data in defined circumstances.
– Right to Portability: You may receive your personal data in a portable format or request it be transmitted to another organization.
– Right to Object: You can object to processing under grounds of legitimate interests, especially for direct marketing purposes.
– Right to Withdraw Consent: Where consent is the basis of processing, you may withdraw it at any time without affecting the lawfulness of processing prior to withdrawal.
To exercise these rights, please contact us at [email protected].
6. Security Measures
We employ comprehensive safeguards to secure your personal data, including:
– Encryption of sensitive data in transit and at rest
– Role-based access controls with audit trails
– Regular data backups and disaster recovery protocols
– Privacy and security training for personnel
– Secure coding and security testing as part of our development lifecycle
7. International Data Transfers
Where personal data is transferred outside of the European Economic Area (EEA) or your local jurisdiction, we ensure appropriate safeguards are in place. These may include Standard Contractual Clauses approved by the European Commission or reliance on adequacy decisions. We assess the level of data protection to ensure your rights and protections remain intact during international transfers.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to meet legal, accounting, or reporting requirements. The length of retention varies by data type:
– Usage and Technical Data: up to 2 years
– Account and Profile Data: while your account is active, plus up to 7 years after closure
– Communication and Customer Support Data: up to 5 years
– Transaction Data: up to 7 years for tax and contractual obligations
– Marketing Preference Data: retained until you withdraw consent or after a period of inactivity (e.g., 24 months)
9. Cookie Policy
We use cookies and similar technologies on rifttrek.com to improve your browsing experience and gather analytical data. Cookies we use fall into the following categories:
– Essential Cookies: Required for the operation of the website and enable core functionality (e.g., account login, shopping cart).
– Functional Cookies: Enhance website performance, such as remembering choices or determining regional settings.
– Analytics Cookies: Help us analyze how users interact with the site, which allows us to improve user experience.
– Performance Cookies: Used to monitor website performance for optimization purposes.
10. Cookie Management and Compliance
You have the right to manage your cookie preferences. Upon your first visit, we provide a cookie consent mechanism compliant with GDPR and CCPA requirements. You may update your preferences at any time via our cookie settings interface or by adjusting your browser settings. You may also opt out of certain data collection features through tools offered by third-party services and industry standards, such as the Digital Advertising Alliance (DAA) or Network Advertising Initiative (NAI).
We do not sell your personal information, including cookie data, in compliance with CCPA.
11. Children’s Privacy
RiftTrek does not knowingly collect or process personal data from children under the age of 13. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at [email protected] so we can take appropriate measures to remove such data from our records.
12. Policy Updates
We reserve the right to update this Privacy Policy to reflect changes in legal or regulatory obligations, technological advances, or improvements in our practices. Where required, we will notify you of significant changes via appropriate means, such as a notice on rifttrek.com or via direct communication.
13. Contact
If you have questions regarding this Privacy Policy, your rights, or how your data is processed, please contact us at:
Email: [email protected]
Website: https://www.rifttrek.com
We are committed to ensuring your personal data is processed lawfully, fairly, and transparently. Please reach out if you have any privacy-related inquiries, and we will respond to your concerns in a timely and diligent manner.