Privacy Policy for YouCanPaddle.com
1. Introduction
At YouCanPaddle.com, your privacy and the protection of your personal data are of paramount importance. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant data protection laws. We are committed to maintaining the confidentiality, integrity, and availability of all personal data entrusted to us, while ensuring transparency in our data practices.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of the website youcanpaddle.com and any related services or communications. YouCanPaddle.com is the data controller responsible for determining the purposes and means of processing your personal data. We ensure our data handling practices comply with all applicable regulations and that individuals’ rights remain protected throughout our interactions.
3. Categories of Data Processed
We collect and process the following categories of personal data, depending on your interaction with our website and services:
a. Usage Data
Information about how you use our website, including browser type and version, Internet Protocol (IP) address, referring URLs, session duration, and browsing actions.
b. Account Data
Personal information provided when creating an account or placing an order, including your name, mailing address, email address, and phone number.
c. Profile Data
Your preferences, past purchases, and behavior on our platform, including saved products, account settings, and customer journey information.
d. Communication Data
Contents of support inquiries, emails, and our correspondence with you, including timestamps and contact history.
e. Technical Data
Details about your device and system configurations, including operating system, device identifiers, and browser settings.
f. Transaction Data
Details related to purchases and payments, such as billing address, payment method, order history, and delivery information.
g. Preference Data
Your communication and marketing preferences as well as indicated interests in particular sporting or paddling products.
4. Legal Bases for Processing
We process your personal data only where lawful and where one or more of the following bases apply:
– Contract Performance: where processing is necessary to fulfill our contractual obligations to you, such as order fulfillment or account management.
– Legitimate Interests: where it is necessary to pursue our legitimate interests in improving service quality, providing secure operations, or communicating important service updates, provided these do not override your fundamental rights.
– Consent: where you have explicitly consented to the processing of your personal data for specific purposes, such as subscribing to newsletters or receiving promotional offers.
– Legal Obligation: where we are required by law to process your personal data to comply with statutory or regulatory obligations.
5. Your Rights
Subject to applicable law, you have the following rights in relation to your personal data:
– Right to Access: Obtain information about the data we hold on you.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your personal data where there is no legitimate reason to retain it.
– Right to Restriction: Ask us to suspend processing of your data in certain circumstances.
– Right to Data Portability: Receive your data in a structured, machine-readable format and transmit it to another controller.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement a variety of robust technical and organizational security measures to protect your personal data, including:
– End-to-end encryption of sensitive data during transmission.
– Role-based access controls and authentication requirements.
– Secure infrastructure with firewalls, logging, and monitoring.
– Regular backups and business continuity planning.
– Staff training in data protection and cybersecurity best practices.
7. International Transfers
Where necessary, personal data may be transferred to and processed in jurisdictions outside your country, including countries that may not provide the same level of data protection. In such instances, we use appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission or other legally recognized mechanisms, to ensure compliance with applicable laws.
8. Data Retention
We retain personal data only for as long as necessary to fulfill its collection purpose or to comply with applicable legal, regulatory, or contractual obligations, as outlined below:
– Usage Data: Retained for a maximum of 18 months.
– Account and Profile Data: Retained for the duration of your account and for 6 years thereafter.
– Communication Data: Retained for 3 years from the last interaction.
– Transaction and Technical Data: Retained for 7 years for accounting and audit purposes.
– Preference Data: Retained until you withdraw consent or modify preferences.
9. Cookie Policy
Our website uses cookies and similar tracking technologies to enhance your experience. These include:
– Essential Cookies: Enable basic website functionality and security features.
– Functional Cookies: Remember your preferences and choices.
– Analytics Cookies: Help us understand user behavior and improve the site.
– Performance Cookies: Measure system and application performance.
10. Cookie Management and Compliance
When you first visit youcanpaddle.com, you are presented with a cookie consent banner. You have the option to accept, reject, or customize cookie settings in compliance with GDPR and CCPA standards. You may also manage or disable cookies at any time through your browser settings.
11. Special Protections for Children
The website youcanpaddle.com is not directed at or intended for use by children under 13 years of age. In accordance with the Children’s Online Privacy Protection Act (COPPA) and relevant GDPR provisions, we do not knowingly collect personal data from children under 13. If we become aware that such data has been collected without parental consent, it will be promptly deleted. Parents or guardians with concerns may contact us at [email protected].
12. Policy Updates and Notifications
We reserve the right to update this Privacy Policy to reflect changes in our practices, technologies, legal requirements, or other factors. Where material changes are made, we will take appropriate measures to notify you, such as through an announcement on our website or via direct email correspondence when applicable.
13. Contact
If you have any questions, concerns, or requests regarding this Privacy Policy or our data protection practices, please contact our Privacy Officer at:
Email: [email protected]
Website: www.youcanpaddle.com
We are fully committed to upholding your rights and maintaining compliance with all relevant data protection legislation. Please do not hesitate to reach out for any clarifications or assistance regarding your personal data.