Privacy Policy for onallee.com
1. Introduction
At Onallee, accessible at onallee.com, we are committed to safeguarding your privacy and protecting your personal data. We recognize the fundamental right to data protection and are dedicated to upholding the highest standards of privacy, transparency, and accountability in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you engage with our website, products, and services.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all visitors, users, and customers of onallee.com and governs the data we collect through our website and other online platforms linked to it. For the purposes of GDPR and other applicable privacy regulations, Onallee is the Data Controller of your personal data. This means that we determine the purposes and methods of processing your personal data.
If you have any questions about how your personal data is handled, please contact us at [email protected].
3. Categories of Data Processed
We process a variety of personal data categories to operate our website, deliver services, and improve your experience. These include:
a) Usage Data
Includes information about how you interact with onallee.com, such as browser type, IP address, pages visited, time spent on site, referral URLs, and interaction with site features.
b) Account Data
Includes contact details you provide when you register or place an order, such as your full name, billing and shipping address, email address, and telephone number.
c) Profile Data
Includes your preferences, purchase history, items you have viewed or added to your cart, and behavioral patterns related to website use and product choices.
d) Communication Data
Includes messages you send to us directly, such as email inquiries, customer support tickets, and historic correspondence.
e) Technical Data
Includes information about the devices you use to access our services, including operating system, device type, screen resolution, language settings, browser settings, and system configurations.
f) Transaction Data
Includes details about purchases and payments you make, including payment method, transaction ID, product details, shipping information, and billing confirmation.
g) Preference Data
Includes your selections and consents related to marketing communications, preferred marketing channels, and your interests in our products and offerings.
4. Legal Bases for Processing
We process your personal data lawfully under the following legal bases:
– Contractual Necessity: To fulfill our contractual obligations to you, such as processing orders or providing requested services.
– Legitimate Interest: To improve our services, analyze usage patterns, prevent fraud, and secure our systems in a way that does not override your rights and freedoms.
– Consent: Where you have explicitly provided your consent (e.g., to receive marketing communications).
– Legal Obligation: To comply with applicable laws and regulations, such as those related to taxation or consumer protection.
5. Your Rights
Subject to applicable laws, you have the following rights regarding your personal data:
– Right of Access: To request a copy of the personal data we hold about you.
– Right to Rectification: To request that we correct inaccurate or incomplete information.
– Right to Erasure: To request deletion of your personal data, subject to limitations.
– Right to Restriction: To request a restriction in how your data is processed.
– Right to Data Portability: To request a copy of your data in a structured, machine-readable format.
– Right to Withdraw Consent: You may withdraw previously given consent at any time, without affecting the lawfulness of prior processing.
– Right to Object: You may object to processing based on our legitimate interests or for direct marketing purposes.
To exercise any of these rights, contact [email protected].
6. Security Measures
We implement appropriate technical and organizational security measures to protect your personal data, including:
– End-to-end encryption for data transmission across secure channels (HTTPS/SSL).
– Role-based access control to restrict data accessibility.
– Regular data backups to ensure data continuity and recovery capability.
– Security awareness training for staff with access to personal data.
– Routine assessments and audits of physical and digital security measures.
While we strive to safeguard your data through these controls, no security system is entirely impenetrable. We recommend you take your own precautions as well.
7. International Transfers
Your personal data may be processed in jurisdictions outside of your own, including locations that may not provide the same level of data protection. Where data is transferred internationally, we apply appropriate safeguards as mandated under GDPR and relevant local data protection laws, such as Standard Contractual Clauses (SCCs), binding corporate rules, or verification of equivalent regulatory frameworks.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes we collected it for, including legal, accounting, or reporting requirements:
– Account Data: Retained as long as your account remains active or as legally required.
– Transaction Data: Retained for a minimum of seven years for legal and tax obligations.
– Communication Data: Retained for up to three years following the last interaction.
– Usage and Technical Data: Retained for up to 24 months for analytical and security purposes.
– Preference and Marketing Data: Retained until consent is withdrawn or becomes outdated.
Once data is no longer required, it will be securely deleted or anonymized.
9. Cookie Policy
Our website uses cookies to enhance your experience. Cookies are small text files downloaded to your device when you visit onallee.com. We use the following categories:
– Essential Cookies: Necessary for core website functionality (e.g., managing logins, shopping cart, and secure checkout).
– Functional Cookies: Remember choices you’ve made to personalize your experience (e.g., language or region).
– Analytical Cookies: Help us understand how visitors interact with the site using tools such as Google Analytics.
– Performance Cookies: Measure and optimize site responsiveness, speed, and technical performance.
10. Cookie Management and Compliance
You can manage or disable cookies through your browser settings or via our cookie consent tool displayed upon first visit to onallee.com. In compliance with GDPR and CCPA:
– Consent is obtained prior to non-essential cookies being placed.
– You may withdraw or modify your consent at any time.
– California residents may opt out of the sale or sharing of their personal data through a “Do Not Sell or Share My Personal Information” mechanism where required.
11. Protections for Children
Our site and services are not directed to children under the age of 13. We do not knowingly collect or solicit personal data from individuals in this age group. If we discover that we have inadvertently collected personal data from a child under 13, we will take reasonable steps to delete such information promptly. Parents or legal guardians may contact us at [email protected] to request removal.
12. Policy Updates and Notifications
This Privacy Policy may be revised periodically to reflect changes in our practices, legal requirements, or platform functionality. Material updates will be communicated via on-site notices, email communication, or through your user account. We encourage you to review this Policy regularly to remain informed of your data rights and our obligations.
13. Contact Us
If you have questions, concerns, or wish to exercise any of your privacy rights, please contact our Data Protection Officer at:
Email: [email protected]
Website: https://onallee.com
We are committed to protecting your privacy and facilitating your rights transparently, promptly, and respectfully.
Your privacy matters to us. To ensure compliance with global data protection laws including GDPR and CCPA, we welcome all inquiries related to privacy at [email protected].