Privacy Policy
1. Introduction
At Kidadrift (“we,” “us,” or “our”), accessible via kidadrift.com, your privacy and the protection of your personal data are of paramount importance. We are committed to handling your personal information responsibly, transparently, and in accordance with applicable data protection laws, such as the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”). This Privacy Policy outlines how we collect, use, store, and share your personal data, as well as your rights in relation to such information.
2. Scope of This Policy and Data Controller Responsibilities
This Privacy Policy applies to all visitors, users, and others who access or use kidadrift.com (“Services”). Kidadrift is the data controller for the personal data collected through our Services. As a data controller, we determine the purposes and means of processing your personal data in accordance with applicable data laws and regulations.
3. Categories of Data We Process
We collect and process various categories of personal data, necessary for the operation, personalization, and support of our Services. These include:
a. Usage Data
Information about how you interact with the website, including browser type and version, internet protocol (IP) address, device type, geographical location, time zone setting, session duration, pages viewed, and referring website addresses.
b. Account Data
Personal information you provide when registering an account, including your full name, email address, residential or shipping address, phone number, and login credentials.
c. Profile Data
Details relating to your preferences, purchase history, browsing behavior, interaction patterns, saved items, and demographic information that may be collected or inferred.
d. Communication Data
Records of communication between you and us, such as submitted contact forms, customer support requests, service inquiries, and email correspondence.
e. Technical Data
Information regarding the devices you use to access the website, including hardware models, operating system versions, unique device identifiers, browser settings, language settings, and system configurations.
f. Transaction Data
Payment information and logistics data, including billing addresses, masked credit/debit card numbers (collected via secure third parties), transaction dates, amounts, and order fulfillment details.
g. Preference Data
Marketing preferences, product interests, communication preferences, opt-in or opt-out status for promotional messages and newsletters, and cookie consent selections.
4. Legal Bases for Processing
In accordance with the GDPR, the legal bases for our data processing activities include:
– Your consent, where legally required (e.g., marketing communications, certain cookies).
– Performance of a contract with you or to take steps at your request prior to entering into a contract.
– Legitimate interests pursued by us, provided those interests are not overridden by your rights and freedoms (e.g., fraud prevention, service improvements, analytics).
– Compliance with legal obligations (e.g., maintaining records for tax and regulatory compliance).
Under the CCPA, we do not sell personal data and only process your information for the purposes disclosed in this Policy.
5. Your Rights
If you are located within the European Economic Area or California, you may exercise the following rights under the GDPR or CCPA, as applicable:
– Right of Access: Request confirmation about whether we process your personal data and obtain a copy.
– Right to Rectification: Request correction of any inaccurate or incomplete personal data.
– Right to Erasure (“Right to be Forgotten”): Request deletion of your personal data under certain legal conditions.
– Right to Restriction: Request limitation of the processing of your personal data in certain circumstances.
– Right to Data Portability: Receive your data in a structured, machine-readable format and have the right to transfer it to another controller.
– Right to Object or Opt-Out: Object to processing activities carried out under legitimate interest and opt out of direct marketing.
– Right Not to Be Subject to Automated Decision-Making: We do not engage in solely automated decision-making that would produce legal or similarly significant effects.
To exercise any of these rights, please contact us at [email protected]. We may need to verify your identity before fulfilling your request.
6. Data Security Measures
We implement a variety of technical and organizational measures to ensure the integrity, confidentiality, and availability of your personal data. These measures include:
– Encryption of data in transit and at rest
– Restricted access to personal data through role-based controls
– Regular security monitoring and auditing
– Secure server environments and firewalls
– Staff training on data protection best practices
– Business continuity and backup protocols
7. International Data Transfers
We may process your data in countries outside your jurisdiction, including countries that may not offer the same level of data protection as your home country. In such cases, we rely on appropriate safeguards, including the use of Standard Contractual Clauses approved by the European Commission or other legally recognized data transfer mechanisms.
8. Data Retention
We retain personal data only for as long as necessary for the purpose for which it was collected, including to comply with legal, contractual, and regulatory obligations. Our data retention practices include:
– Account Data: Retained as long as your user account remains active or as needed for legitimate business purposes.
– Communication Data: Retained for up to 24 months after the last interaction.
– Transaction and Financial Data: Retained up to 7 years for compliance with tax and transactional record requirements.
– Usage and Technical Data: Retained for analytics and service improvement for up to 36 months in anonymized or aggregated form.
– Marketing Consent and Preference Data: Retained until consent is withdrawn or unsubscribed.
When personal data is no longer needed, we securely delete or anonymize it.
9. Cookie Policy
We use cookies and similar tracking technologies to enhance your browsing experience on kidadrift.com, personalize content, analyze traffic, and allow functionality. The categories of cookies we use include:
– Essential Cookies: Necessary for the website to function and cannot be disabled.
– Functional Cookies: Enhance usability by remembering user choices (e.g., language, preferences).
– Analytics Cookies: Collect data on how users interact with our website (e.g., Google Analytics).
– Performance Cookies: Improve website performance and user experience via metrics like load time and interaction rates.
10. Cookie Management and Legal Compliance
You may manage or disable cookies through your browser settings or through the cookie consent banner presented upon your first visit to kidadrift.com. Where required by law, we will obtain your consent before placing non-essential cookies. Additionally, users located in the EU and California have the right to:
– Accept or reject cookies individually
– Withdraw cookie consent at any time
– Request non-tracking or opt-out from sale of personal information (not applicable as we do not sell personal data)
11. Protection of Children’s Privacy
Our Services are not directed to children under the age of 13. We do not knowingly collect or process personal data from minors without verifiable parental consent. If you believe that a child has provided us with personal data without such consent, please contact us immediately at [email protected] so we can take appropriate action.
12. Changes to This Privacy Policy
We reserve the right to update or modify this Privacy Policy at any time to reflect changes in legal or operational practices. Where required by applicable law, we will notify you of material changes, such as through a notice on the website or by direct communication, prior to such modifications becoming effective.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy, your data, or how we process your personal information, please reach out to us using the following contact information:
Email: [email protected]
Website: https://kidadrift.com
We are committed to full compliance with applicable privacy laws and to providing transparency and control regarding your personal data. Please do not hesitate to reach out with any inquiries related to your privacy rights.