Privacy Policy for pitopo.com
1. Introduction
At pitopo.com (“Website”, “we”, “us”, “our”), we are committed to protecting and respecting your privacy. We recognize the importance of handling personal data responsibly and transparently. This Privacy Policy outlines how we collect, use, store, and share your personal information in accordance with applicable law, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). By using pitopo.com, you consent to the practices described in this Policy.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of pitopo.com and governs the collection and processing of personal data through your use of the Website and any associated services. For the purposes of applicable privacy legislation, pitopo.com operates as the data controller, determining the purposes and means of the processing of your personal data.
3. Categories of Personal Data We Process
We may collect, use, store, and transfer various types of personal data. These include:
a. Usage Data
Information on how you interact with the Website such as IP addresses, access times, browser types, referral URLs, geo-location information, and unique device identifiers. This data helps us understand usage patterns, improve our services, and ensure the security of our platform.
b. Account Data
Data you provide when creating an account or filling forms, including your full name, billing and shipping addresses, email address, and contact telephone number.
c. Profile Data
Information related to your preferences, feedback, account settings, product interests, and purchase history. This allows us to tailor your experience and present offers relevant to you.
d. Communication Data
Records of all communications with you, including inquiries submitted via contact forms, emails to our support address, and social media interactions.
e. Technical Data
Information about your devices such as operating system, device model, browser plug-ins, screen resolution, and system configuration data. These help optimize the technical performance of our services across different platforms.
f. Transaction Data
Details related to your purchases, including payment status, transaction identifiers, and delivery information. We do not store full credit card numbers or sensitive payment details—these are processed securely by our payment service providers.
g. Preference Data
Information you provide regarding marketing communications, newsletter sign-ups, and expressed interests in particular categories of products or content.
4. Legal Bases for Processing
We process your personal data only where there is a lawful basis to do so, including:
– Consent: When you explicitly provide consent, such as for marketing emails or cookies non-essential to website functionality.
– Performance of Contract: To fulfill our commitments to you, including processing orders, providing customer service, and account management.
– Legal Obligation: Where we are required by law to retain or share certain information, such as tax documentation and fraud detection.
– Legitimate Interest: For purposes such as improving our services, maintaining security, and understanding customer usage, provided that such interests are not overridden by your rights.
5. Your Data Protection Rights
Under the GDPR and, where applicable, the CCPA, you have several rights in respect of your personal data:
– Right to Access: You may request to know what personal data we hold about you.
– Right to Rectification: You may request correction of inaccurate or incomplete data.
– Right to Erasure: Also known as the “right to be forgotten,” you may request the deletion of your data, subject to certain legal exceptions.
– Right to Restrict Processing: You may ask us to suspend processing in certain situations.
– Right to Data Portability: You may request a copy of your personal data in a structured, commonly used machine-readable format.
– Right to Object: You may object to our processing of your data based on our legitimate interests or for direct marketing purposes.
– Right Not to Be Subject to Automated Decision-Making: You are entitled not to be subject to decisions based solely on automated processing.
Requests related to these rights can be submitted at any time by contacting [email protected]. We will respond in accordance with applicable legal timelines.
6. Security Measures
We implement a range of technical and organizational measures to ensure the confidentiality, integrity, and availability of your data. These include, but are not limited to:
– Secure socket layer (SSL) encryption during data transmission
– Access controls and multi-factor authentication for internal systems
– Regular security audits and penetration testing
– Data backups and disaster recovery frameworks
– Staff training on data protection and information security best practices
While we take reasonable precautions, no system can be 100% secure, and users are encouraged to maintain strong, unique passwords and monitor account activity.
7. International Data Transfers
Personal data may be transferred to and processed in countries outside the European Economic Area (EEA) and the United States, where data protection laws may differ. Whenever data is transferred internationally, we ensure the appropriate safeguards are employed, such as:
– The use of Standard Contractual Clauses (SCCs)
– Transfers to jurisdictions deemed to have adequate data protection by relevant regulatory authorities
– Binding corporate rules or other permissible methods under applicable law
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or compliance obligations.
– Account Data: retained for the lifespan of the account and 6 years thereafter for legal compliance
– Transaction Data: retained for 7 years in accordance with tax regulations
– Communication Data: retained for 24 months
– Usage and Technical Data: retained for up to 36 months to improve services and maintain security
– Preference Data: retained while actively in use or until marketing consent is withdrawn
Upon expiration of these retention periods, data is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar technologies to collect information about your browsing behavior, preferences, and interactions with pitopo.com. These include:
– Essential Cookies: Necessary for website operation (e.g., login sessions, form submissions)
– Functional Cookies: Enhance usability and personalized experiences
– Analytics Cookies: Allow us to understand traffic and usage patterns (e.g., via Google Analytics)
– Performance Cookies: Monitor system performance and user journey improvements
10. Cookie Management and Compliance
You can manage your cookie preferences through the Cookie Settings tool provided on the Website. Most web browsers also allow you to control cookies via browser settings. European users will be presented with a cookie consent banner upon first visit, in compliance with GDPR. California users have the right to opt out of the sale or sharing of their personal information under CCPA and can exercise this right via the “Do Not Sell My Personal Information” link, where applicable.
11. Children’s Privacy
pitopo.com is not directed to, nor do we knowingly collect data from, children under the age of 13. If we become aware that personal data has been collected from a child without consent from a parent or legal guardian, all such data will be promptly deleted. Parents or guardians who believe that their child has submitted personal data may contact us at [email protected].
12. Policy Updates
We may update this Privacy Policy from time to time to reflect changes in practices, laws, or service features. When material updates are made, we will provide notice via email (if you have a registered account), or through prominent messaging on the Website. Continued use of pitopo.com after such changes constitutes your acceptance of the updated terms.
13. Contact
For any questions, concerns, or to exercise your data rights under this Privacy Policy, you may contact us at:
Email: [email protected]
Website: https://pitopo.com
We are committed to maintaining the highest standards of privacy and protecting your personal data. If you believe your rights have been violated, you may also contact your local data protection authority.
Thank you for trusting pitopo.com with your information.