Privacy Policy for QuestTiny.com
1. Introduction
At QuestTiny.com (“we,” “us,” or “our”), we value your privacy and are committed to safeguarding the personal data entrusted to us. This Privacy Policy outlines how we collect, process, store, and protect your information when you interact with our website, services, and related platforms. We are dedicated to ensuring that all data processing activities comply with applicable privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope of this Policy and Data Controller Role
This Privacy Policy applies to all personal data collected through our website, QuestTiny.com, and any associated digital platforms or services operated by us. For the purposes of data protection laws, QuestTiny.com is the Data Controller, meaning we are responsible for determining the purposes and means of the processing of your personal data.
3. Categories of Data We Process
We collect and process the following categories of personal data to provide, customize, and enhance your experience on QuestTiny.com:
a) Usage Data
We collect data automatically about how visitors interact with the website. This includes information such as your IP address, browser type, pages visited, access times, referring URLs, and session durations.
b) Account Data
We may collect information that you provide when creating an account or placing an order, such as your full name, address, email address, and phone number.
c) Profile Data
We process data relating to your profile, such as your preferences, purchase history, user behavior, and selected account settings to tailor services and recommendations.
d) Communication Data
We maintain records of your correspondence with us, including customer support inquiries, submitted forms, feedback, and contact history.
e) Technical Data
We automatically gather data related to the device and software you use to access QuestTiny.com, such as device type, operating system, browser configuration, language settings, hardware identifiers, and crash logs.
f) Transaction Data
Information relating to transactions conducted through our website is collected, including billing details, order histories, delivery addresses, and payment confirmation data (excluding payment card details, which are processed by secure third-party providers).
g) Preference Data
We collect data pertaining to your marketing preferences, consent settings, notification choices, and expressed interests in specific products or services.
4. Legal Bases for Processing
Under the GDPR, we rely on the following legal bases to process your personal data:
– Consent: When you have provided explicit consent for a specific purpose, such as subscribing to our newsletter.
– Contractual Necessity: Processing required to fulfill our obligations under a contract with you, such as delivering a purchased item.
– Legitimate Interests: Processing necessary for the legitimate interests of QuestTiny.com, such as improving our services or preventing fraud, provided these do not override your rights.
– Legal Obligation: When processing is required to comply with a legal requirement or enforceable governmental request.
For CCPA compliance, we do not sell personal data as defined therein and only process data in accordance with stated purposes.
5. Your Rights
As a data subject, you have the following rights under data protection laws:
– Right of Access: Request a copy of the personal data we hold about you.
– Right to Rectification: Request corrections to inaccurate or incomplete data.
– Right to Erasure: Request deletion of your personal information where applicable.
– Right to Restrict Processing: Request temporary suspension of data processing under certain conditions.
– Right to Data Portability: Request transfer of your data to another provider in a structured, commonly used format.
– Right to Object: Object to processing based on legitimate interests, including profiling.
– Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.
To exercise any of these rights, please contact us at: [email protected].
6. Security Measures
We take the security of your personal data seriously. Our safeguards include:
– Encryption of data in transit and at rest
– Role-based access control
– Secure server environments and regular vulnerability testing
– Routine data backup and disaster recovery mechanisms
– Staff training on privacy protection and information security
Despite our robust efforts, no method of transmission or storage is entirely secure, and users should always exercise caution online.
7. International Data Transfers
If personal data is transferred outside your jurisdiction (including the European Economic Area), it will be subject to appropriate safeguards, such as:
– Standard Contractual Clauses (approved by the European Commission)
– Binding Corporate Rules
– Adequacy determinations by regulators
We ensure all recipients of such data uphold data protection standards consistent with this policy and applicable law.
8. Data Retention
We retain personal data only as long as necessary for the purposes for which it was collected or to comply with legal, regulatory, or contractual obligations. Retention periods are as follows:
– Usage and Technical Data: Retained for 12 months for analytics and security
– Account and Profile Data: Retained until account deletion or 36 months of inactivity
– Communication Data: Retained for 24 months for service records and issue resolution
– Transaction Data: Retained for 7 years for accounting and tax purposes
– Preference Data: Retained until consent is withdrawn or for 24 months, whichever is earlier
9. Cookie Policy
QuestTiny.com uses various types of cookies and similar technologies for different purposes:
– Essential Cookies: Required for site functionality, such as login and order processing
– Functional Cookies: Remember user preferences and enhance usability
– Analytics Cookies: Help us understand how users interact with our website (e.g., Google Analytics)
– Performance Cookies: Monitor website performance and error detection
See our dedicated Cookie Management section to learn how to control your preferences.
10. Cookie Management and Compliance
We comply fully with GDPR and CCPA requirements concerning cookie usage:
– Consent Management: We obtain your consent before placing non-essential cookies through a clear banner and preference center.
– Granular Control: You have control over which cookie categories are enabled.
– Opt-Out Options: CCPA-eligible users can opt out of any form of personal data “sale” via dedicated links.
Users may also adjust browser settings to manage or delete cookies. Disabling certain types of cookies may affect site functionality.
11. Children’s Privacy
QuestTiny.com does not knowingly collect or process personal data from children under the age of 13. If you are a parent or guardian who believes that your child has provided their personal data to us, please contact us promptly at [email protected]. Upon verification, we will take steps to remove the information.
12. Policy Updates and User Notification
This Privacy Policy may be updated periodically to reflect changes in legal requirements or our practices. We will notify users of material changes through prominent site notices or by other appropriate means, including by email if applicable.
13. Contact Us
For any questions, concerns, or requests related to your privacy rights or this Privacy Policy, you may contact us at:
Email: [email protected]
Website: https://questtiny.com
We are committed to protecting your privacy and operating in full compliance with the GDPR, the CCPA, and other applicable data protection regulations. Please reach out to us with any privacy-related concerns.