Privacy Policy
1. Introduction — Our Commitment to Data Privacy and Protection
At nanihi-paradise.com, we value and respect your privacy. We are dedicated to safeguarding the personal data you entrust to us and aim to provide full transparency regarding how we collect, use, store, and share your personal information. With our privacy-first approach, we take extensive measures to ensure your data is protected and handled in accordance with applicable data protection laws, including the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy explains our practices and your rights regarding the personal information collected through your interaction with nanihi-paradise.com.
2. Scope of this Policy & Data Controller Role
This Privacy Policy applies to all users who interact with our website, nanihi-paradise.com, regardless of residency or nationality, including visitors, registered users, and customers. It governs the processing of personal data collected through the website or associated services and communications.
Nanihi-Paradise is the data controller of personal data collected via its digital properties. As a data controller, we determine the purposes and means of processing your personal data in line with GDPR and CCPA requirements.
3. Categories of Data We Collect and Process
We collect and process a range of personal data categorized as follows:
a. Usage Data:
Includes information such as your IP address, browser type, operating system, device information, referring websites, pages visited, session duration, location data (if enabled), and user interaction patterns.
b. Account Data:
Includes your full name, billing and shipping addresses, email address, telephone number, username, and password when applicable.
c. Profile Data:
Includes your purchase history, communication preferences, product interests, behavioral trends, and other information that helps personalize your experience.
d. Communication Data:
Includes details of any inquiries, support requests, complaints, or feedback submitted through forms, emails, or other channels, along with our response history.
e. Technical Data:
Includes device type, system configuration, browser settings, screen resolution, and internet service provider details.
f. Transaction Data:
Includes payment information such as partial credit/debit card details (handled securely via our payment processors), purchase confirmation, invoice details, and shipping or fulfillment data.
g. Preference Data:
Includes your expressed consents, marketing subscription choices, opt-in/opt-out selections, and product or service interests based on site navigation and behavior.
4. Legal Bases for Processing
We process personal data only when permitted by law. The lawful bases we rely on include:
– Contractual necessity: To fulfill orders, provide services, or manage your account.
– Legitimate interest: To improve our website, analyze user behavior, ensure security, and respond to inquiries.
– Legal obligations: To meet regulatory, legal, tax, or audit requirements.
– Consent: To provide personalized marketing, set non-essential cookies, and process optional data. You may withdraw consent at any time without affecting prior lawful processing.
5. Your Rights Under GDPR and CCPA
You are entitled to exercise specific rights in relation to your personal data:
– Access: You may request a copy of any personal data we hold about you.
– Rectification: You may request corrections to inaccurate or incomplete data.
– Erasure: You may request deletion of your personal data where no longer necessary, subject to lawful exceptions.
– Restriction of Processing: You may request limited processing under specific conditions.
– Portability: You may request your data in a structured, commonly used format for transfer to another service provider.
– Objection: You have the right to object to certain forms of processing, including direct marketing and profiling.
– Do Not Sell My Personal Information: Under CCPA, California residents have the right to opt out of the sale of their data.
To exercise any of your rights, contact us at [email protected].
6. Data Security Measures
We have implemented a comprehensive suite of administrative, technical, and organizational safeguards to protect your personal data, including but not limited to:
– TLS encryption of data in transit
– Secure server infrastructure and firewalls
– Role-based access control and authentication protocols
– Compliance training for staff on data handling procedures
– Scheduled security audits and encrypted data backups
7. International Data Transfers
Your data may be transferred to and processed in countries outside the European Economic Area (EEA), including the United States. Where such transfers occur, we ensure adequate protection through:
– Standard Contractual Clauses authorized by the European Commission
– Binding Corporate Rules (where applicable)
– Additional safeguards and certifications under relevant data protection frameworks
We take all necessary measures to ensure your data remains protected regardless of location.
8. Data Retention
Your personal data is retained only for as long as necessary to fulfill the purposes for which it was collected, including:
– Account and Profile Data: Retained for the duration of your relationship with us and up to 5 years thereafter.
– Transaction and Financial Records: Retained for 7 years to comply with legal and tax obligations.
– Communications Data: Retained for up to 3 years for customer service analysis and resolution follow-ups.
– Usage and Technical Data: Retained for up to 2 years for security, analytics, and performance monitoring.
– Marketing Preference Data: Retained until you withdraw consent or unsubscribe.
We regularly review retention schedules and securely delete or anonymize data when no longer required.
9. Cookie Policy
Cookies are small text files placed on your device to improve functionality and user experience. We use the following categories of cookies on nanihi-paradise.com:
– Essential Cookies: Necessary for site usability, such as login and cart functionality.
– Functional Cookies: Enable enhanced features like language preferences and social sharing.
– Analytics Cookies: Collect data on website usage to improve performance and design.
– Performance Cookies: Monitor system errors, response times, and user interaction.
Cookies do not by themselves allow us to identify you, but some data collected may qualify as personal data under applicable laws.
10. Cookie Management and Compliance
You may control or disable cookies directly through your browser settings or via our on-site cookie consent banner pursuant to GDPR and CCPA. California residents may exercise Do Not Sell My Personal Information rights using dedicated settings links. We honor browser-based Global Privacy Control (GPC) signals where supported.
For more detailed instructions on managing cookies across browsers, please refer to your browser’s help documentation.
11. Children Under 13
nanihi-paradise.com is not intended for or knowingly directed at children under the age of 13. We do not knowingly collect or solicit personal information from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at [email protected], and we will promptly delete such data.
12. Policy Updates and Notifications
We reserve the right to update this Privacy Policy to reflect changes in laws, technology, or our data processing practices. Substantive changes will be communicated through prominent notices on the website or via email. Continued use of nanihi-paradise.com following any such revisions constitutes acknowledgment and acceptance of the updated terms.
13. Contact Us
For questions, concerns, or to exercise your data protection rights, please reach out to our Data Protection Officer at:
Email: [email protected]
We are committed to full compliance with applicable privacy laws and are here to help you understand and control your personal data.