Privacy Policy for TrekGrove.com

1. Introduction

At trekgrove.com (“TrekGrove”, “we”, “our”, or “us”), we value and respect your privacy. We are committed to safeguarding your personal data and complying fully with applicable data protection legislation, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”). This Privacy Policy describes how we collect, use, share, and protect your personal data when you interact with our website and services. We aim to handle your personal data transparently, fairly, and with utmost care.

2. Scope of the Policy and Data Controller Role

This Privacy Policy applies to all users and visitors of trekgrove.com. The data controller responsible for processing your personal data is TrekGrove, which determines the purposes and means of processing. This Policy applies to all processing activities conducted via our website and associated services. By accessing or using trekgrove.com, you acknowledge the practices described herein.

3. Categories of Data We Process

We collect and process various categories of personal data to provide our services effectively. These categories include:

– Usage Data: Includes information regarding how you use our website, such as your IP address, browser type, time zone settings, pages visited, and duration of your visits.

– Account Data: Includes identifiers you provide when you sign up for an account or place an order, such as your full name, physical address, email address, and telephone number.

– Profile Data: Includes information about your preferences, purchase history, and interaction behavior related to content or products on our website.

– Communication Data: Includes the content and metadata of communications you send to us, such as customer service requests, chat logs, support tickets, and inquiry emails.

– Technical Data: Includes device type, operating system, screen resolution, browser configurations, and connection information.

– Transaction Data: Includes details associated with purchases, billing records, payment confirmation, order history, and delivery tracking.

– Preference Data: Includes marketing communication preferences, opt-in consents, product interest indicators, and past response behavior to newsletters or campaigns.

4. Legal Bases for Processing

We process your personal data only where permitted by law under one or more of the following legal bases:

– Contractual Necessity: Where processing is necessary for the performance of a contract with you or to take pre-contractual steps at your request.

– Legitimate Interests: Where processing is necessary for our legitimate interests, provided your rights and freedoms do not override those interests. Examples include fraud prevention, website analytics, and network security.

– Consent: Where you have provided clear, affirmative consent for specific data to be processed (e.g., receiving marketing communications).

– Legal Obligation: Where we are required to process your data to comply with applicable laws or legal requirements.

5. Your Rights Under Privacy Law

We respect your rights under GDPR, CCPA, and other applicable laws. Depending on your jurisdiction, you may have the right to:

– Access: Request a copy of personal data we hold about you.
– Rectification: Request correction of inaccurate or incomplete data.
– Erasure: Request deletion of your data, subject to certain conditions.
– Restriction: Request a temporary or permanent halt of processing your data.
– Portability: Receive your data in a structured, commonly used format and transfer it to another controller.
– Objection: Object to our processing based on legitimate interests or direct marketing.
– Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without impacting prior processing.

To exercise any of these rights, please contact us at [email protected]. We will handle requests in accordance with applicable legal timelines and verification procedures.

6. Security Measures

We implement a comprehensive set of technical and organizational safeguards to protect your data, including but not limited to:

– Encryption of data at rest and in transit using secure protocols.
– Access controls and role-based permissions for internal systems.
– Regular security audits and vulnerability assessments.
– Continuous backup and disaster recovery protocols.
– Staff training in data protection and information security practices.

7. International Transfers

Your personal data may be transferred to and processed in countries outside of your jurisdiction, including jurisdictions that may not provide an equivalent level of data protection. In such cases, we rely on:

– Standard Contractual Clauses (SCCs) approved by the European Commission,
– Other appropriate safeguards or derogations as permitted by GDPR or local laws.

We take care to ensure that transferred data receives an adequate level of protection and that our third-party service providers comply with our standards.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

– Account, Profile, and Transaction Data: retained for up to 7 years post last interaction or required legal accounting period.
– Technical and Usage Data: retained for up to 2 years to analyze performance and detect anomalies.
– Communication Data: retained for up to 3 years for customer support reference and dispute resolution.
– Marketing Preferences: retained until you opt out or request deletion.

After the retention period, personal data is securely deleted or anonymized.

9. Cookie Policy

TrekGrove uses cookies and similar technologies to enhance user experience, analyze site traffic, and deliver personalized content. Cookies used on trekgrove.com include:

– Essential Cookies: Necessary for core website functionality (e.g., login, shopping cart).
– Functional Cookies: Enhance site functionality such as remembering language or country preferences.
– Analytics Cookies: Collect anonymous usage data for understanding how users navigate the site.
– Performance Cookies: Help track loading speeds, responsiveness, and improving usability.

These cookies are stored on your browser and range in duration from session-only to persistent cookies lasting up to two years.

10. Cookie Management and Compliance

We provide users with clear choices regarding the use of cookies. Upon your first visit to trekgrove.com, a cookie consent banner appears, enabling you to accept, reject, or personalize cookie settings in compliance with GDPR and CCPA requirements.

You may also manage cookies through your browser settings at any time. Note that disabling certain cookies may affect functionality or user experience.

11. Children’s Privacy

trekgrove.com does not knowingly collect or process personal data from children under the age of 13. If we become aware that we have collected data from a child without verified parental consent, we will take prompt steps to delete such information. If you believe we may have collected data from a minor, contact us immediately at [email protected].

12. Policy Updates and Notifications

This Privacy Policy may be updated from time to time to reflect changes in legal requirements, business operations, or technology implementations. Any material changes will be clearly communicated via our website and, where required, via direct notification (e.g., email). Continued use of trekgrove.com indicates your acceptance of any revised policies.

13. Contact Us

If you have any questions about this Privacy Policy, our data handling practices, or wish to exercise any of your rights under applicable law, please contact us at:

Email: [email protected]

We respond to all inquiries in accordance with applicable data protection regulations.

This Privacy Policy is designed to align with the highest standards of data protection compliance. Should you have privacy concerns or require further clarification, we welcome you to reach out via the contact information above.