Privacy Policy

PRIVACY POLICY

At byebyesanta.com, we are committed to safeguarding the privacy and personal data of all individuals who interact with our website and services. Protecting your information is of paramount importance, and we strive to process all personal data in a transparent, lawful, and secure manner in accordance with applicable privacy regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

This Privacy Policy informs you, as a user or customer of byebyesanta.com, about the nature, extent, and purpose of the personal data we collect, use, share, and store, as well as the rights and choices you have with respect to your personal information.

1. INTRODUCTION: COMMITMENT TO PRIVACY AND DATA PROTECTION

We respect your right to privacy and are dedicated to protecting the information we collect from and about you. At byebyesanta.com, we process your personal data responsibly and only for the purposes that are clearly defined in this policy. All data collection and processing activities are conducted in compliance with legal obligations, prioritizing transparency, integrity, and user control.

2. SCOPE OF THIS POLICY AND OUR ROLE AS DATA CONTROLLER

This Privacy Policy applies to personal data collected through the byebyesanta.com website and associated services, interactions, offers, and communications. By engaging with our website, using our digital products, or contacting us, you agree to the collection and use of information in accordance with this policy.

For purposes of applicable data protection laws, byebyesanta.com acts as the “data controller” in relation to the personal data collected. If you have any questions or requests relating to this policy or your data, you may contact us at [email protected].

3. CATEGORIES OF PERSONAL DATA WE PROCESS

We collect and process the following categories of personal data:

a) Usage Data
Includes data such as browser type, operating system, IP address, unique device identifiers, access times, referring URLs, and actions taken on the website. This data helps us understand how users interact with byebyesanta.com and to improve performance and user experience.

b) Account Data
Includes your full name, email address, postal address, and phone number provided when you register, make purchases, or subscribe to services.

c) Profile Data
Includes information about your preferences, purchase history, interaction with offerings, behavior on the site, and any profile information you choose to provide.

d) Communication Data
Includes the content of communications you send to us, such as inquiries, support tickets, comments, and communication history.

e) Technical Data
Includes data related to your device and system configuration, including operating system, internet service provider, screen resolution, language preference, and plug-ins.

f) Transaction Data
Includes billing and delivery information, payment transaction details, order confirmations, and financial communication related to purchases made on byebyesanta.com.

g) Preference Data
Includes your marketing and communication preferences, opt-in consent records, interests in specific products or content, and interaction history with marketing communications.

4. LEGAL BASES FOR PROCESSING YOUR PERSONAL DATA

We rely on the following legal bases to collect and process personal data, as applicable under GDPR and other regulatory frameworks:

– Consent: When you have actively provided your consent, particularly for marketing communications or optional data uses.
– Contractual Necessity: When data processing is essential to perform a contract with you, such as processing an order or responding to inquiries.
– Legal Obligation: When we are required to process your data to comply with legal or regulatory requirements.
– Legitimate Interests: When we process data to pursue our legitimate commercial interests, provided such interests are not overridden by your data protection rights. This includes improving our services, analyzing usage behavior, ensuring website functionality, and detecting fraudulent activity.

5. YOUR RIGHTS UNDER GDPR AND CCPA

You have the following rights regarding your personal data:

– Right of Access: Request details and a copy of the personal data we hold about you.
– Right of Rectification: Request correction of inaccurate or incomplete information.
– Right to Erasure: Request deletion of your personal data, subject to legal and contractual obligations.
– Right to Restrict Processing: Limit how your personal data is being used under specific conditions.
– Right to Data Portability: Request your data in a structured, commonly used, and machine-readable format and transfer it to another controller.
– Right to Object: Object to specific types of processing, including direct marketing.
– Right not to be subject to automated decision-making, including profiling, under certain conditions.
– Under CCPA, California residents have additional rights: the right to know what categories of personal information are collected, used, and disclosed; the right to delete personal information; and the right to opt out of the sale of personal information (although we do not sell your data).

Requests to exercise these rights should be submitted to [email protected]. We will respond to all verified requests in accordance with applicable laws.

6. SECURITY MEASURES

We employ robust technical and organizational measures to protect your personal data from unauthorized access, disclosure, alteration, or destruction. These include:

– Encryption of data during transfer via Secure Socket Layer (SSL) technology
– Role-based access controls and authentication protocols
– Regular security audits and penetration testing
– Firewalls and intrusion detection monitoring
– Secure servers with restricted physical access
– Backup and disaster recovery systems
– Employee data protection training and confidentiality agreements

7. INTERNATIONAL TRANSFERS

We may transfer your personal data to countries outside the European Economic Area (EEA) or your country of residence only where necessary and only in compliance with applicable legal protections. Such transfers are safeguarded by:

– Standard Contractual Clauses (SCCs) approved by the European Commission
– Binding Corporate Rules (where applicable)
– Adequacy decisions by the European Commission
– Other appropriate legal safeguards

You may request a copy of these safeguards by contacting [email protected].

8. DATA RETENTION

We retain your personal data only for as long as is necessary to fulfill the purposes outlined in this policy, or as required by law. Specific retention periods include:

– Account & Transaction Data: Retained for up to 7 years for tax and recordkeeping obligations
– Communication & Support Requests: Retained for 2 years from the date of last interaction
– Marketing Consent & Preferences: Retained until consent is withdrawn or request to delete is received
– Technical & Usage Data: Retained for up to 12 months for analytical and performance review

Once data is no longer needed, it is securely deleted or anonymized.

9. COOKIE POLICY

Our website uses cookies and similar tracking technologies to enhance functionality, analyze performance, and personalize content. Cookies are small data files stored on your device when you visit byebyesanta.com. We categorize cookies as follows:

– Essential Cookies: Required for website functionality and secure operation (e.g., shopping cart, login)
– Functional Cookies: Enable personalization features such as remembering preferences
– Performance Cookies: Collect information on how visitors use the site for optimization
– Analytics & Tracking Cookies: Used for aggregated metrics and site usage, often via third-party tools such as Google Analytics

10. COOKIE MANAGEMENT AND COMPLIANCE

Upon visiting byebyesanta.com, you are presented with a cookie banner to manage your preferences. We honor your settings and only place non-essential cookies after obtaining your consent, in line with GDPR.

California residents may also use the “Do Not Sell My Personal Information” mechanism consistent with CCPA regulations. We respect all opt-out choices and provide easy access to modify your cookie and tracking settings at any time.

11. SPECIAL PROTECTIONS FOR CHILDREN UNDER 13

We do not knowingly collect personal data from children under the age of 13 without verified parental consent. If we become aware that a child under 13 has provided us with personal information, we will take immediate steps to delete such data. If you believe we may have collected data from or about a child, please contact us at [email protected].

12. POLICY UPDATES & USER NOTIFICATIONS

We reserve the right to update this Privacy Policy from time to time to align with changes in legal requirements or our data practices. Any material changes will be communicated clearly via our website, and where appropriate, we may notify you via email or other direct communications.

We encourage users to review this policy periodically to stay informed about how we protect your privacy.

13. CONTACTING US

If you have any questions, concerns, or requests related to this Privacy Policy or the way we handle your personal data, please do not hesitate to contact us at:

Email: [email protected]

We are committed to maintaining compliance with GDPR, CCPA, and other applicable regulations and ensuring your privacy is safeguarded. Please reach out to us with any questions or to exercise your data rights.