Privacy Policy
1. Introduction
At QuestTiny (“we”, “us”, or “our”), accessible at questtiny.com, we are firmly committed to safeguarding the privacy of our users and protecting their personal data. We recognize the importance of privacy and data protection and adhere to the highest standards in compliance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act (“CCPA”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and engage with our services.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to users who access questtiny.com and related services. For the purposes of GDPR, QuestTiny is the data controller responsible for the processing of your personal information. If you are located in California, our responsibilities under the CCPA apply accordingly. We determine the purposes and means of processing your data and are committed to maintaining its confidentiality, integrity, and lawful use.
3. Categories of Data Processed
We collect and process the following categories of personal data:
– Usage Data: Information about your visit to our website, including browser type and version, operating system, IP address, pages visited, time stamps, and session duration. This data helps us monitor and improve our website’s performance and usability.
– Account Data: When you register an account with questtiny.com, we collect your name, email address, billing/shipping address, and phone number for account creation, management, and associated communications.
– Profile Data: We compile data such as your preferences, browsing patterns, purchase history, and product interests to personalize your experience and improve our offerings.
– Communication Data: We retain records of your communications with us, including support requests, inquiries, and contact history, to assist with resolving issues and enhancing service quality.
– Technical Data: We collect device identifiers, internet connection specifications, operating systems, browser configurations, and other technical diagnostic data to ensure seamless access and usability of questtiny.com.
– Transaction Data: This includes payment details (processed through secure payment gateways), order histories, delivery addresses, and fulfillment records essential for completing and delivering transactions.
– Preference Data: Collected based on your marketing consents and product interests to inform you of offers, promotions, and updates aligned with your preferences.
4. Legal Bases for Processing
Under GDPR, we rely on the following lawful bases to process your personal data:
– Contractual necessity: To fulfill our contractual obligations, such as delivering purchases or providing requested services.
– Legitimate interests: To improve user experience, administer and secure our website, detect fraud, and market similar products or services, provided such interests are not outweighed by your rights.
– Consent: For marketing communications, use of cookies beyond strictly necessary ones, and retention of provided optional profile data.
– Legal obligation: To comply with applicable legal and regulatory requirements.
For California consumers, we adhere to the CCPA principles of notice, access, non-discrimination, and opt-out mechanisms.
5. Your Rights
Under data protection laws, you have the following rights:
– Right of Access: You can request access to the personal data we hold about you.
– Right to Rectification: You may request corrections to incomplete or inaccurate information.
– Right to Erasure: You can request deletion of your personal data in certain circumstances.
– Right to Restriction: You may limit how we use your data under specific conditions.
– Right to Data Portability: You have the right to receive your personal data in a commonly used, machine-readable format or request transmission to another controller.
– Right to Object: You can object to our processing of your data when done on legitimate interest or for direct marketing.
– Right to Withdraw Consent: If we rely on your consent for processing, you may withdraw it at any time.
California residents additionally have the right to opt-out of sale of personal data (though QuestTiny does not sell personal data in the conventional sense).
To exercise your rights, please contact us at [email protected].
6. Security Measures
We implement comprehensive technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These include:
– Data encryption in transit and at rest
– Role-based access control
– Secure authentication mechanisms
– Regular security audits and vulnerability assessments
– Backup and disaster recovery protocols
– Staff training on data privacy and cybersecurity best practices
7. International Transfers
If personal data is transferred outside the European Economic Area (EEA), we ensure adequate levels of protection through legally recognized mechanisms such as Standard Contractual Clauses (SCCs). We take all measures necessary to ensure that your data continues to benefit from the protections required under data protection laws when processed abroad.
8. Data Retention
We retain personal data only as long as necessary for the purposes described in this policy, subject to applicable legal, tax, and regulatory requirements. Retention periods include:
– Usage and Technical Data: up to 12 months for analytics purposes
– Account and Profile Data: for the duration of your account’s active status and up to 6 years after account closure
– Communication Data: up to 3 years after resolution of the interaction
– Transaction Data: for up to 7 years for financial compliance
– Preference Data: until consent is withdrawn or data is no longer necessary
9. Cookie Policy
questtiny.com uses cookies and similar technologies to enhance your browsing experience. Cookies are small text files stored on your device. Categories include:
– Essential Cookies: Required for basic website functionality and security.
– Functional Cookies: Enable enhanced features such as user preferences and saved sessions.
– Analytics Cookies: Collect aggregated data to help us analyze website performance and optimize user experience.
– Performance/Advertising Cookies: Support marketing personalization and performance tracking.
By using questtiny.com, you consent to our use of cookies as outlined. You may manage or disable cookie preferences at any time as described below.
10. Cookie Management and Compliance
We provide clear cookie consent banners in accordance with GDPR and CCPA. Users can manage consent preferences using our cookie settings tool or by adjusting browser settings. California users may also exercise “Do Not Sell My Personal Information” options—note that we do not engage in the sale of personal data as defined by the CCPA.
11. Special Protections for Children Under 13
We do not knowingly collect or solicit personal data from children under the age of 13. If we become aware that a child under 13 has provided us with personal information, we will take immediate steps to delete such data. Parents or guardians who believe that their child has provided us data without consent should contact [email protected].
12. Policy Updates & User Notifications
We reserve the right to update this Privacy Policy to reflect changes in law, technology, or business operations. Updates will be posted on this page, and significant changes will be communicated to users via our website or email notice, as appropriate. Please review this page periodically for updates.
13. Contact
For any questions, concerns, or requests related to data protection and privacy, you may contact us at:
Email: [email protected]
Website: https://questtiny.com
We are committed to full compliance with global data protection standards and welcome any inquiries related to your rights and data protection at QuestTiny.