Privacy Policy for Onallee.com
1. Introduction
Onallee.com (“we,” “us,” “our”) is deeply committed to protecting your privacy and safeguarding your personal data. We recognize the importance of data privacy and are dedicated to ensuring that your personal information is treated with the highest standard of security, transparency, and compliance with applicable legal frameworks, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
This Privacy Policy outlines how we collect, use, disclose, and protect your personal data when you access or use our website at onallee.com (the “Website”), and informs you of your rights and choices in relation to your data.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all visitors, users, and others who access the Website. For the purposes of applicable data protection laws, including the GDPR, the data controller responsible for your personal data is Onallee, and can be reached at [email protected].
3. Categories of Personal Data We Process
We may collect and process the following categories of personal data:
a. Usage Data
Includes IP address, browser type and version, referring websites, pages visited, time and date of visit, time spent on pages, clickstream data, and other diagnostic data about how you interact with onallee.com.
b. Account Data
Includes your full name, residential or shipping address, email address, phone number, and login credentials if applicable.
c. Profile Data
Includes your purchase history, product preferences, behavior on our Website, saved items, and other profile information created when engaging with our services.
d. Communication Data
Includes your communications with our support team, submitted queries, support tickets, customer service interactions, and contact history.
e. Technical Data
Includes device information (including mobile device identifiers), operating systems, system configurations, screen resolution, browser settings, and other technical characteristics provided by your device or browser.
f. Transaction Data
Includes payment and billing information (excluding full credit card details which are handled via secure third-party providers), delivery information, transaction records, and fulfilled orders.
g. Preference Data
Includes your preferences in receiving marketing communications, survey responses, feedback, user-generated content, product notifications, and interests inferred from usage.
4. Legal Bases for Data Processing
We process your personal data based on the following legal grounds:
– Contractual necessity: Where data is required to perform the terms of a contract with you (e.g., completing purchases, providing customer service).
– Consent: Where we ask for your explicit consent prior to processing (e.g., for sending marketing communications).
– Legitimate interests: For the purposes of improving our services, preventing fraud, and enhancing the functionality and security of onallee.com, provided such interests are not overridden by your individual rights.
– Legal obligations: Where processing is required to comply with a legal obligation or regulatory request.
5. Your Data Protection Rights
Under applicable data protection laws, you may have the following rights in regard to your personal data:
– Right of Access: Request access to the personal data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete personal data.
– Right to Erasure: Request deletion of your personal data under certain circumstances.
– Right to Restrict Processing: Request limiting the processing of your data.
– Right to Data Portability: Request your personal data in a structured, commonly used, machine-readable format for transfer to another organization.
– Right to Object: Object to processing based on our legitimate interests, including for direct marketing purposes.
– Right to Withdraw Consent: Withdraw your consent at any time when processing is based on consent.
To exercise your rights, please contact us at [email protected]. We will respond to your request in accordance with applicable legal requirements.
6. Security Measures
We implement robust technical and organizational measures to safeguard your data, including:
– Data encryption during transmission and storage
– Role-based access controls and authentication procedures
– Routine data backups and disaster recovery protocols
– Secure coding practices and vulnerability assessments
– Staff privacy training and confidentiality agreements
While we strive to maintain the highest level of security, no method of transmission over the internet is guaranteed to be 100% secure.
7. International Data Transfers
We may transfer and store your personal data outside of your country of residence, including to countries that may not offer an equivalent level of data protection. In such cases, we ensure appropriate safeguards are in place, such as:
– Standard Contractual Clauses (SCCs) approved by the European Commission
– Adequacy decisions by relevant data protection authorities
– Binding corporate rules and certified frameworks
You may request further details regarding international data transfers by contacting us at [email protected].
8. Data Retention
We retain personal data only for as long as necessary for legitimate business purposes and in accordance with legal and regulatory requirements. The following are general retention guidelines:
– Usage Data: Retained for up to 12 months for analytics purposes.
– Account and Profile Data: Retained for the duration of your account and up to 5 years after closing.
– Communication Data: Retained for a minimum of 3 years for compliance and audit purposes.
– Transaction Data: Retained for 7 years in accordance with accounting and tax obligations.
– Preference Data: Retained until you update preferences or withdraw consent.
After the applicable retention period, data is either securely deleted or anonymized.
9. Cookie Policy
Onallee.com uses cookies and similar tracking technologies to enhance your browsing experience and analyze Website traffic. Cookies are categorized as follows:
– Essential Cookies: Necessary for website functionality and authentication.
– Functional Cookies: Enable personalization such as remembering your preferences.
– Analytics Cookies: Collect aggregate data on user behavior for service improvement.
– Performance Cookies: Help measure page loading times and site performance.
10. Cookie Management and Compliance with GDPR & CCPA
When you visit onallee.com for the first time, a banner will prompt you to manage your cookie preferences in accordance with GDPR and CCPA. You may opt in or out of non-essential cookies anytime by adjusting settings in our cookie consent manager or through your browser.
CCPA Rights: California residents have the right to opt-out of the sale of their personal information. We do not sell personal data in the traditional sense, but we provide a clear opt-out mechanism for any data sharing that may fall under the CCPA’s definition.
11. Special Protections for Children
Onallee.com does not knowingly collect or solicit personal data from children under the age of 13. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately at [email protected]. We will take steps to remove the data and delete any accounts created by minors.
12. Policy Updates
We may amend this Privacy Policy from time to time to reflect changes in legal, technical, or business developments. If we make material changes, we will notify you via a prominent notice on onallee.com or by contacting you directly where feasible. We encourage you to periodically review this policy to stay informed about how we protect your information.
13. Contact Us
If you have any questions, concerns, or complaints regarding this Privacy Policy or our data practices, please contact:
Email: [email protected]
Website: onallee.com
We are committed to ensuring your privacy is respected and protected in accordance with global best practices and applicable laws.
This Privacy Policy is designed to ensure full compliance with the GDPR, CCPA, and other applicable data privacy regulations. Please contact us at [email protected] with any questions regarding your privacy rights or this Policy.