Privacy Policy
At robertoheras.com, we are committed to protecting the privacy, integrity, and confidentiality of your personal data. Your trust is foundational to our services, and we continually strive to manage your information responsibly and in full compliance with applicable data protection laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
1. Scope of this Policy and Role of Data Controller
This Privacy Policy applies to personal data collected through robertoheras.com and any associated services, platforms, or communications. For the purpose of applicable data protection laws, robertoheras.com functions as the data controller for information collected from users of the website and related services.
2. Categories of Data We Process
We collect and process various types of personal data, categorized as follows:
a. Usage Data
Includes information such as browser type, IP address, geographic location, time zone, referring URLs, length of visits, and session activities. This is used for system optimization, security, and analytics.
b. Account Data
When you register, place an order, or otherwise interact with us, we may collect your name, postal address, email address, and phone number.
c. Profile Data
Comprises your preferences, prior purchases, account settings, and behavioral data such as product interest and website interaction patterns.
d. Communication Data
Includes records of your correspondence with us, such as email queries sent to [email protected], support requests, and feedback submissions.
e. Technical Data
Encompasses device identifiers, operating system, browser plug-ins, mobile network data, and system configuration details.
f. Transaction Data
This includes order history, payment confirmations, billing details, delivery addresses, and fulfillment status.
g. Preference Data
Covers your marketing communication choices and expressed interest in specific products or services.
3. Legal Bases for Processing Personal Data
We process your personal data on the following legal grounds:
– Contract Performance: Where it is necessary for the execution of a contract with you, such as providing products or services you’ve requested.
– Legitimate Interests: When processing supports our business operations in a manner that does not override your rights (e.g., analytics, fraud prevention).
– Consent: Where your explicit permission is required for processing, such as for sending marketing communications or installing non-essential cookies.
– Legal Obligation: Where processing is necessary to comply with legal or regulatory requirements.
4. Your Rights Under Data Protection Laws
Under the GDPR and the CCPA, you have rights regarding your personal data, which include:
– Right of Access: Obtain a copy of the data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your data where justified.
– Right to Restrict Processing: Ask us to limit data usage in specific circumstances.
– Right to Data Portability: Receive your data in a structured, machine-readable format or request its transfer to another controller.
– Right to Object: Object to processing based on our legitimate interests or for direct marketing purposes.
– Right to Non-Discrimination: We will not discriminate against you for exercising any of your data rights under the CCPA.
To exercise any of these rights, please contact us using the details provided in the “Contact” section below.
5. Data Security Measures
We implement a range of technical and organizational measures to ensure the security of your data, including but not limited to:
– End-to-end encryption for sensitive transmissions.
– Robust access controls limited to authorized personnel only.
– Routine backups to prevent data loss.
– Regular staff training on privacy and data protection best practices.
6. International Data Transfers
Data may be transferred and processed in countries outside your jurisdiction, including the United States and the European Economic Area (EEA). When such transfers occur, we rely on EU-approved Standard Contractual Clauses, adequacy decisions, or similar safeguards to ensure appropriate protection of your data.
7. Data Retention
We retain personal data only for as long as necessary for the purposes outlined in this policy:
– Usage Data: Retained for 12 months for analytics and security.
– Account Data: Retained while your account is active and up to 6 years thereafter for legal and regulatory compliance.
– Profile, Communication, Technical, and Transaction Data: Retained for 6 years post-final transaction.
– Preference Data: Retained until you update your marketing preferences or withdraw consent.
8. Cookies and Similar Technologies
robertoheras.com uses cookies and similar technologies to enhance site functionality, analyze browsing behavior, and personalize content. The cookies we may deploy include:
– Essential Cookies: Required for website operation, such as authentication and navigation.
– Functional Cookies: Remember site preferences and enhance usability.
– Analytics Cookies: Collect data to understand usage trends and improve site performance.
– Performance Cookies: Monitor and enhance the responsiveness of website features.
9. Cookie Management and Legal Compliance
Users are presented with a cookie consent banner upon their first visit to robertoheras.com, consistent with GDPR and CCPA requirements. You may manage or withdraw your consent at any time through browser settings or our cookie management tool accessible within the website footer. Disabling certain cookies may impact website usability.
10. Children’s Data
Our services are not intended for children under the age of 13. We do not knowingly collect personal data from anyone under 13 without verifiable parental consent. If you are a parent or guardian and believe your child has provided data to us, please contact [email protected] so we can delete the information.
11. Policy Modifications
We reserve the right to amend this Privacy Policy in response to legal, technical, or business developments. Where changes materially impact how your data is processed, we will notify you via appropriate communication channels, such as email notifications or site-wide banners.
12. Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy or our handling of your personal data, please contact us at:
Email: [email protected]
Website: https://robertoheras.com
We are committed to full compliance with all applicable privacy regulations and welcome your inquiries and feedback related to your personal data.