Privacy Policy
1. Introduction
At iihokennavi.com, we are committed to safeguarding your personal data and respecting your privacy. This Privacy Policy outlines how we handle, process, and protect your personal information in accordance with applicable data protection laws, including but not limited to the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We strive to be transparent in our practices and ensure that your data is handled responsibly and in alignment with principles of privacy by design and default.
2. Scope of this Policy and Our Role as Data Controller
This Privacy Policy applies to your use of the website iihokennavi.com (the “Site”), including all services and features offered through it. We act as the data controller for the personal data collected via the Site, meaning we determine the purposes and means of processing your personal data. For all inquiries related to this policy or our data processing practices, you can contact us at [email protected].
3. Categories of Personal Data We Process
We may collect and process the following categories of personal data:
a) Usage Data
Information about how you interact with our Site, including your IP address, browser type, operating system, referring URLs, pages viewed, session durations, and interaction metrics.
b) Account Data
Personal identifiers provided when registering or managing your account on iihokennavi.com, such as your full name, email address, postal address, and phone number.
c) Profile Data
Information related to your website preferences, purchase history, service usage behavior, and any customized settings.
d) Communication Data
Details from your interactions with our customer support channels, including inquiries, service requests, and contact history.
e) Technical Data
Device-specific data such as your operating system type and version, internet service provider, language settings, and screen resolution.
f) Transaction Data
Payment details (excluding full payment card numbers, which are processed by authorized third-party payment processors), billing records, products or services acquired, and delivery information.
g) Preference Data
Your expressed preferences regarding our marketing communications and your interest in specific services, products, or features.
4. Legal Bases for Processing
Our processing of your personal data is grounded in legitimate legal bases as required under GDPR and CCPA:
– Contractual necessity: When processing is needed to perform a contract with you or to respond to your queries prior to entering into a contract.
– Consent: Where you have explicitly consented to the processing (e.g., for marketing emails or non-essential cookies).
– Legal obligation: Where processing is necessary for compliance with legal obligations.
– Legitimate interest: Where processing serves a legitimate business interest, provided your rights and interests do not override such interests (e.g., fraud prevention, analytics to enhance website performance).
5. Your Rights
You have the following rights with respect to your personal data:
– Right of Access: Obtain access to the data we hold about you.
– Right to Rectification: Request corrections to inaccurate or incomplete data.
– Right to Erasure: Request deletion of your data in certain circumstances.
– Right to Restriction: Request restriction of processing under specific conditions.
– Right to Data Portability: Receive your data in a structured, commonly used format and transfer it to another controller.
– Right to Object: Object to certain types of processing such as direct marketing.
– Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting earlier processing.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We employ technical and organizational measures to ensure an appropriate level of security, confidentiality, and integrity of your personal data. Our security measures include but are not limited to:
– End-to-end encryption of sensitive data
– Role-based access controls and authentication protocols
– Regular data backups and recovery testing
– Staff privacy training and restricted internal access to personal data
7. International Transfers
Your personal data may be transferred to and stored in countries outside of your jurisdiction. Where such transfers occur, we implement appropriate safeguards, including standard contractual clauses approved by relevant regulatory authorities, to ensure your data receives a level of protection consistent with EU and U.S. privacy standards.
8. Data Retention
We retain personal data only for as long as is necessary for the specified purposes for which it was collected, or as required under applicable laws. Typical retention periods include:
– Account and Profile Data: Retained for the duration of your account and for 24 months thereafter unless further retention is required by law.
– Transaction Data: Retained for a minimum of 7 years for accounting and compliance purposes.
– Marketing Preferences: Retained until you unsubscribe or request deletion.
– Technical and Usage Data: Typically retained for analytics purposes for up to 13 months.
9. Cookie Policy
We use cookies and similar tracking technologies to enhance user experience on iihokennavi.com. Categories of cookies include:
– Essential Cookies: Necessary for site functionality and user authentication.
– Functional Cookies: Enable site personalization features and remember preferences.
– Analytics Cookies: Collect anonymized statistics to help improve site usability.
– Performance Cookies: Monitor performance metrics and detect technical issues.
10. Cookie Management and Compliance with GDPR & CCPA
You can manage your cookie preferences either through the cookie banner displayed upon your first visit to iihokennavi.com or via the settings within your browser. To comply with GDPR and CCPA, we seek explicit opt-in consent for non-essential cookies and provide users with accessible means to opt out. If you are a California resident, you have the right to know what personal information is sold or shared and to opt out of such practices.
11. Children’s Privacy
We do not knowingly collect personal information from children under the age of 13. If we become aware that personal data of a child has been collected without verified parental consent, we will take appropriate steps to delete such data. Parents or guardians who believe their child has provided us with personal information are encouraged to contact us at [email protected].
12. Policy Updates and User Notifications
We may update this Privacy Policy from time to time to account for legal, technical, or business developments. When changes are made, users will be notified through appropriate channels, which may include email notifications, a prominent website banner, or in-site updates. Continued use of the Site following such updates constitutes acceptance of changes.
13. Contact Us
If you have any questions about this Privacy Policy, our data processing practices, or your interaction with the website, please contact us at:
Your privacy is important to us, and we are committed to ensuring transparency and compliance with applicable laws. Please don’t hesitate to reach out regarding any privacy concerns or requests.