1. Introduction
At RiftWhiz, we are committed to safeguarding your personal data and respecting your privacy. Our practices are underpinned by transparency, accountability, and adherence to best-in-class data protection principles. This Privacy Policy outlines how RiftWhiz collects, uses, discloses, and secures personal information across our website (riftwhiz.com). We process data in accordance with applicable regulations, including the European Union General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), with a strong emphasis on privacy-by-design.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to personal data collected through your interaction with RiftWhiz via our website (riftwhiz.com), communication channels, transactional processes, and any services provided to you. The data controller responsible for your personal information under this policy is RiftWhiz. All inquiries regarding your data rights can be directed to [email protected].
3. Categories of Data We Process
We may collect and process the following categories of personal data:
a. Usage Data
This includes data about your interactions with our site, such as IP address, browser type and version, device identifiers, operating system, referring URLs, user-agent, session duration, and pages visited.
b. Account Data
When you create or manage an account, we collect identifiable data such as your name, billing and shipping address, email address, telephone number, and login credentials.
c. Profile Data
This includes data you voluntarily provide such as language preferences, purchase history, wishlist items, reviews, custom settings, and behavior patterns on riftwhiz.com.
d. Communication Data
We retain all messages exchanged through our support systems, contact forms, and email channels. This may include support tickets, contact history, feedback, and queries.
e. Technical Data
Information about the device and software you use includes device models, plugins, browser version, time zone settings, screen resolution, and system configurations.
f. Transaction Data
Details of completed and attempted purchases, including order items, billing information, payment method details (without storing full credit card numbers), and delivery information.
g. Preference Data
Record of user consents, marketing preferences, categories of products you have shown interest in, and opt-in or opt-out selections for news and promotions.
4. Legal Bases for Processing
We will only process your data where lawfully permitted under GDPR and CCPA. Such bases for processing may include:
– Contractual necessity: to fulfill a purchase or service you requested.
– Legitimate interests: to improve user experience, prevent fraud, or secure our services.
– Legal obligation: where we are required to process data for compliance purposes.
– Consent: for sending promotional communications or placing optional cookies, subject to your prior opt-in.
5. Your Rights
Data subjects residing in the EU, UK, or California are entitled to exercise the following rights.
– Right of Access: Request a copy of the data we hold about you.
– Right to Rectification: Correct any inaccurate or incomplete personal data.
– Right to Erasure (“Right to Be Forgotten”): Request deletion of your data, subject to lawful retention requirements.
– Right to Restrict Processing: Limit how we use your data under specific conditions.
– Right to Data Portability: Receive your data in a structured, commonly used, machine-readable format.
– Right to Object: Withdraw consent or object to further processing based on legitimate interest.
– California Rights (CCPA): Right to know, right to delete, and right to opt-out of the sale of personal information. RiftWhiz does not sell user data.
To exercise any of these rights, contact us at [email protected]. Verification measures may be applied to confirm your identity before further action.
6. Security Measures
We apply rigorous technical and organizational safeguards to protect personal data. These measures include:
– Data encryption during transit (TLS/SSL) and at rest.
– Role-based access controls and password policies.
– Secure data backups and disaster recovery protocols.
– Regular audits and staff training on data protection and cyber hygiene.
Despite our efforts, no digital transmission or storage system is completely secure. Users are advised to take necessary precautions when transmitting data across the internet.
7. International Data Transfers
In some instances, personal data collected on riftwhiz.com may be processed outside your jurisdiction, including countries not deemed to provide an equivalent level of data protection. Where such transfers occur, RiftWhiz applies safeguards such as:
– Standard Contractual Clauses (SCCs).
– Transfers to jurisdictions subject to adequacy decisions.
– Supplementary security measures including encryption and access limitation.
8. Data Retention
We retain personal data only for as long as is necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Our standard retention periods are as follows:
– Usage Data: 24 months.
– Account Data: Retained for the lifetime of the account plus 12 months following closure.
– Profile Data: Retained for the active account duration or until you modify/delete preferences.
– Communication Data: 36 months from the date of last interaction.
– Technical Data: 24 months for diagnostic and security purposes.
– Transaction Data: 7 years for tax and statutory accounting requirements.
– Preference Data: Retained until withdrawn or modified.
Upon the expiration of retention periods, data is deleted or anonymized in adherence to best practices.
9. Cookie Policy
Our website uses cookies and similar technologies to improve functionality, security, analytics, and your browsing experience. Cookies fall into the following categories:
– Essential Cookies: Required for website functionality and login authentication.
– Functional Cookies: Store your preferences and settings.
– Analytics Cookies: Help us understand user activity to improve website performance, using platforms such as Google Analytics.
– Performance Cookies: Track events such as page load times and interaction metrics.
10. Cookie Management and Legal Compliance
Upon your first visit to riftwhiz.com, you will be presented with a cookie banner allowing you to manage and customize your cookie preferences in line with GDPR and CCPA requirements. You may at any time withdraw consent or reconfigure preferences through our Cookie Settings interface, and by modifying browser settings to block or delete cookies.
We honor Do Not Track (DNT) browser preferences and Global Privacy Control (GPC) signals to the extent required by applicable law.
11. Children’s Privacy
RiftWhiz does not knowingly collect or solicit personal data from children under the age of 13. If you are a parent or guardian and believe your child has provided us with personal data without your consent, please contact us at [email protected], and we will take appropriate steps to delete such data.
12. Policy Updates and Notification
We reserve the right to update this Privacy Policy to reflect changes in our practices or legal obligations. Updates will be posted on riftwhiz.com, and where material changes are made, we may notify you directly via email or dashboard messaging. Continued use of our services following such changes constitutes acceptance of the revised terms.
13. Contacting Us
If you have any questions, requests, or concerns regarding this Privacy Policy, your personal data, or your rights, please contact our Data Protection Officer at:
Email: [email protected]
Website: https://www.riftwhiz.com
—
At RiftWhiz, we are committed to full compliance with the GDPR, CCPA, and other applicable privacy regulations. We value your trust and privacy, and invite you to reach out to us at any time with questions about your data rights or how your information is handled.