Privacy Policy for TokenLift Lab
1. Introduction
TokenLift Lab (“we,” “us,” or “our”) is wholly committed to protecting and respecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal information in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We are dedicated to maintaining the confidentiality, integrity, and security of your information and ensuring transparency in our data processing activities conducted through our website at tokenliftlab.com.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data collected or processed through tokenliftlab.com. For the purposes of the GDPR, TokenLift Lab is the “data controller” responsible for determining the purposes and methods of personal data processing. This Policy also applies to residents of California under the CCPA in our role as a “business” handling consumer information.
This Policy covers both online data collected through your use of tokenliftlab.com and offline data when you contact or interact with us via other means (e.g., customer support, email communications).
3. Categories of Data Processed
We collect and process the following categories of personal data:
a. Usage Data:
Information about your interaction with tokenliftlab.com, including browser type, IP address, device identifiers, geolocation (as permitted), referral URL, time and duration of visits, session behavior, and page views.
b. Account Data:
Data provided during account registration or purchase, such as your full name, billing and shipping address, email address, and phone number.
c. Profile Data:
Information linked to your usage history and preferences, including past orders, feature usage, saved items, feedback, and behavioral profiles compiled to improve user experience and services.
d. Communication Data:
Records of your interactions with our customer support, responses to inquiries, feedback forms, surveys, and any other communication you initiate with TokenLift Lab personnel.
e. Technical Data:
Device-related data including operating systems, device types, browser version, language settings, network configurations, and other system-level diagnostics.
f. Transaction Data:
Purchase details such as order history, items bought, payment methods used, transaction time stamps, and shipping details.
g. Preference Data:
Information relating to your consent preferences, newsletter opt-ins or opt-outs, marketing choices, flagged interests, and product preferences.
4. Legal Bases for Processing
We process your personal data under one or more of the following legal bases, as appropriate:
– Performance of a Contract: Processing necessary for providing products or services you have requested, including payment, delivery, and account management.
– Consent: Processing based on your explicit and informed consent, particularly in relation to marketing communications and the use of non-essential cookies.
– Legal Obligation: Compliance with applicable legal, regulatory, or judicial orders.
– Legitimate Interests: Our interest in conducting and managing our business operations, ensuring the security of our services, improving website functionality, and responding to inquiries, balanced against your privacy rights.
5. Your Rights
In accordance with GDPR (for EU/EEA users) and CCPA (for California residents), you have the following rights:
– Right of Access: To obtain a copy of your personal data and information about our processing.
– Right to Rectification: To correct inaccurate personal data.
– Right to Erasure: To request deletion of your personal data, subject to certain legal exceptions.
– Right to Restriction: To limit how we process your personal data in specific circumstances.
– Right to Portability: To receive your personal data in a structured, machine-readable format and transmit it to another controller.
California residents also have the right to opt out of the sale or sharing of personal data and to not be discriminated against for exercising privacy rights.
To exercise your rights, please email us at: [email protected].
6. Security Measures
We implement robust administrative, technical, and physical security measures designed to protect your personal data from unauthorized access, misuse, loss, or disclosure. These measures include:
– Data encryption in transit and at rest
– Access controls based on least privilege principles
– Regular data backups and disaster recovery protocols
– Firewall and intrusion detection systems
– Employee training on data protection best practices
Despite these measures, no system can guarantee absolute security. We encourage you to use strong passwords and take precautions when sharing your data.
7. International Transfers
Your personal data may be transferred and stored in countries outside the European Economic Area (EEA) or California that do not provide the same level of data protection. When such transfers occur, we ensure appropriate safeguards are in place, including the use of Standard Contractual Clauses approved by the European Commission and supplementary technical measures as necessary.
8. Data Retention
We retain personal data only for as long as necessary for the purposes for which it was collected, unless a longer retention is required by law. Specifically:
– Usage and Technical Data: up to 2 years
– Account and Profile Data: as long as your account is active or until deletion request
– Communication Data: up to 3 years
– Transaction Data: retained for up to 7 years for legal, tax, and accounting purposes
– Preference and Consent Data: until updated or revoked
After these timeframes, data is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar technologies on tokenliftlab.com to enhance your experience, analyze website traffic, and support marketing efforts. Our cookies fall into the following categories:
– Essential Cookies: Necessary for site navigation and security. Cannot be disabled.
– Functional Cookies: Enable enhanced features like saved preferences and language settings.
– Analytics Cookies: Help us understand usage patterns via tools such as Google Analytics.
– Performance Cookies: Used to measure and improve performance and visitor interaction.
10. Cookie Management and Compliance
In compliance with GDPR and CCPA, we provide a clear opt-in mechanism for non-essential cookies and the ability to change your preferences at any time. Consent banners are displayed upon your first visit, with functionality to customize cookie settings through our Preference Center.
You may also control cookies through browser settings, though restricting certain cookies may impact website functionality.
11. Children’s Privacy
tokenliftlab.com is not intended for children under the age of 13. We do not knowingly collect personal information from individuals under 13 years of age. If we learn that we have collected such data unintentionally, we will delete it promptly. Parents or guardians who believe their child has submitted personal information should contact us at [email protected].
12. Policy Updates and User Notifications
We reserve the right to update this Privacy Policy to reflect changes in legal requirements, technology, or our business practices. Material changes, where your rights may be impacted, will be communicated through clear notices on tokenliftlab.com or via email when appropriate. We encourage users to review this policy periodically to stay informed.
13. Contact
For any questions, concerns, or requests regarding this Privacy Policy or your personal data rights, you may contact us at:
Email: [email protected]
We are committed to handling your data responsibly, complying with all applicable regulations, and ensuring your privacy is respected at all stages. Please do not hesitate to reach out if you have any privacy concerns.