Privacy Policy for michubags.com
1. Introduction
At michubags.com, we are committed to safeguarding your privacy and ensuring the protection of your personal data. We believe that respecting your privacy is fundamental to building trust, and we adhere rigorously to global data protection frameworks, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, use, disclose, and protect personal information obtained from users who visit our website, make purchases, or otherwise interact with us.
2. Scope of Policy and Data Controller
This Privacy Policy applies to all personal data collected through your use of michubags.com and any associated communications with our team. For the purposes of the GDPR, michubags.com acts as the Data Controller, determining how and why personal data is processed.
If you have any questions regarding our practices or this policy, you may contact us at: [email protected].
3. Categories of Data Processed
We collect a range of personal data depending on your interaction with our services. Categories of personal data include:
– Usage Data: Information collected automatically when you access our website, such as browser type, device ID, IP address, session duration, timestamps, device event information, and referring/exit URLs.
– Account Data: Information you voluntarily provide when registering an account or making a purchase, including your full name, email address, telephone number, and shipping and billing addresses.
– Profile Data: Data related to your behavior and preferences, including product interest, wish lists, browsing history, and purchasing habits.
– Communication Data: Records of interactions with our support or contact forms, emails, and other inquiries. This includes contact history, support tickets, and user-submitted messages.
– Technical Data: Device-specific information, operating system details, system configurations, screen resolution, and usage environment.
– Transaction Data: Payment card type, transaction identifiers, order history, shipping details, and method of purchase. We do not store full payment card details; transactions occur through secure, compliant payment gateways.
– Preference Data: Your communication preferences, consent to receive marketing materials, subscriptions, and stated product interests.
4. Legal Bases for Processing
Under the GDPR, we rely on the following legal bases to process your personal information:
– Contractual Necessity: Processing required to fulfill a contract with you, such as order fulfillment, shipping, and customer service.
– Consent: For marketing communications, use of cookies (beyond essentials), and voluntary disclosures, we process data based on your informed consent.
– Legitimate Interests: Processing necessary to improve our website, detect fraud, protect the integrity of our operations, and ensure compatibility across platforms, provided such interests do not override your rights.
– Legal Obligations: Where required to comply with applicable legal or regulatory requirements.
5. Your Rights under Data Protection Laws
As an individual, you have the following rights concerning your personal data:
– Right of Access: To request access to the personal data we hold about you.
– Right to Rectification: To request correction of your personal data where it is inaccurate or incomplete.
– Right to Erasure: To request deletion of your personal data under certain conditions (“right to be forgotten”).
– Right to Restriction: To restrict the processing of your data where permitted by law.
– Right to Data Portability: To receive your data in a structured, commonly used, and machine-readable format and transmit it to another controller.
– Right to Object: To object to processing based on legitimate interests or direct marketing.
– Right to Withdraw Consent: To withdraw consent at any time where consent was previously provided.
Residents of California may also exercise additional rights under the CCPA, including the right to opt-out of the sale of personal data and the right to non-discrimination when exercising privacy rights.
To exercise your rights, please contact us at: [email protected].
6. Security Measures
We take data security seriously and implement a variety of organizational and technical safeguards to protect your personal information, including:
– Data encryption in transit and at rest using industry-standard protocols.
– Role-based access control to restrict data access only to authorized personnel.
– Frequent security audits and vulnerability assessments.
– Regular system backups and disaster recovery protocols.
– Employee training in data protection and cybersecurity best practices.
While we take all reasonable precautions, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.
7. International Transfers
Your data may be transferred to and processed in jurisdictions outside your country of residence, including countries that may have different data protection laws than your own. Whenever we transfer personal information internationally, we do so in compliance with applicable data protection regulations by employing standard contractual clauses, adequacy decisions, or other legally accepted mechanisms to ensure a consistent level of protection.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. Indicative timeframes for data retention include:
– Account and Profile Data: Retained for the duration of your account and up to 6 years thereafter.
– Transaction Data: Retained for up to 7 years to comply with financial and tax laws.
– Communication Data: Retained for up to 2 years after resolution of an inquiry.
– Technical and Usage Data: Retained for up to 24 months for analytics and site optimization.
– Marketing Preference Data: Retained until consent is withdrawn or for up to 2 years following the last interaction.
9. Cookie Policy
We use cookies and similar technologies on michubags.com to enhance user experience, analyze performance, and personalize content. Cookies used fall into the following categories:
– Essential Cookies: Required for core site functionality such as navigation, shopping cart, and log-in.
– Functional Cookies: Enhance usability and remember user preferences.
– Analytics Cookies: Collect aggregated data about traffic and behavior to help improve performance.
– Performance Cookies: Monitor site speed and response times across devices and regions.
By using the site, certain cookies may be placed on your device. Where required by law, consent is obtained before setting non-essential cookies.
10. Cookie Management and Compliance
You may manage your cookie preferences at any time by adjusting your browser settings or using our cookie consent tool, which is displayed upon your first visit to michubags.com and accessible via the site footer. Users in the EU and California are given explicit opt-in consent options in line with the GDPR and CCPA, respectively. You may also configure your browser to refuse cookies or alert you when they are being used, with the understanding that certain parts of the site may not function correctly.
11. Special Protections for Children
michubags.com is not intended for use by individuals under the age of 13. We do not knowingly collect, solicit, or process personal data from children without verifiable parental consent. If we become aware that we have collected child information inadvertently, we will take prompt action to delete such data. If you are a parent or legal guardian and believe we may have collected information from your child, please contact us at [email protected].
12. Policy Updates and Notifications
We may update this Privacy Policy from time to time to reflect changes in regulations, functionality, or practices. Any significant changes will be posted prominently on michubags.com. We encourage users to review this policy periodically to remain informed about how we collect, use, and protect personal information.
13. Contact Information
For any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:
Email: [email protected]
We are committed to maintaining full compliance with applicable data protection laws. If you have any privacy concerns or wish to exercise your rights, please do not hesitate to reach out.