Privacy Policy for HaifaWehbeh.com
1. Introduction
HaifaWehbeh.com (“we,” “us,” or “our”) is committed to safeguarding your personal data and upholding your privacy rights with the utmost care and transparency. We recognize the importance of protecting the information of visitors and users of our website and services. This Privacy Policy describes how we collect, use, disclose, retain, and secure personal information and outlines your rights in connection with your data under the applicable data protection laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
2. Scope of the Policy and Data Controller Role
This Privacy Policy applies to all personal data processed through your interaction with the haifawehbeh.com website and any associated services, communications, or online platforms we operate. HaifaWehbeh.com is the Data Controller for the purposes of the GDPR and similar global data protection regulations, meaning we determine the purpose and means of the processing of your personal data.
For any privacy-related inquiries, the designated point of contact is: [email protected].
3. Categories of Data We Process
We collect and process the following categories of data:
a) Usage Data:
Information about your interaction with our website, including your IP address, browser type, operating system, device identifiers, session times, pages viewed, referring URLs, and search queries.
b) Account Data:
Personal details you provide when registering or purchasing from our website, such as first and last name, physical address, email address, telephone number, and account credentials.
c) Profile Data:
Preferences you set, purchase history, browsing behavior, demographic interests, and saved favorite items.
d) Communication Data:
Records of contact, including customer service inquiries, feedback, emails, and messages exchanged with our support team.
e) Technical Data:
Data from your devices used to access our website, such as device type, software configuration, system language, and network settings.
f) Transaction Data:
Details relating to payments made or received, including billing addresses, partial credit card information (processed through secure third-party payment gateways), transaction timestamps, and delivery details.
g) Preference Data:
Marketing communication preferences, consent records, survey responses, and interests in products, services, and content.
4. Legal Bases for Processing
In line with the GDPR, we rely on the following lawful bases for processing your personal data:
– Consent: For certain marketing activities and cookies, we rely on your explicit consent.
– Contractual Necessity: Data required to fulfill a contract, such as orders, service access, or account creation.
– Legitimate Interests: For improving services, ensuring network security, fraud prevention, or internal analytics, provided these interests are not overridden by your rights.
– Legal Obligation: To comply with applicable laws and regulations, including tax, accounting, and data disclosure requirements.
5. Your Rights
Depending on your jurisdiction, you may exercise the following data protection rights:
– Right of Access: You can request access to the personal data we hold about you.
– Right to Rectification: Request the correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your personal data under certain conditions (“Right to be Forgotten”).
– Right to Restrict Processing: Request the restriction or suppression of your data processing activities.
– Right to Data Portability: Obtain a copy of your data in a structured, commonly used, and machine-readable format for transfer.
– Right to Object: You may object to the processing of your data under specific legal grounds.
– Right to Withdraw Consent: Where consent is our basis, you may withdraw it at any time without affecting the lawfulness of previous processing.
To make a data rights request, please contact [email protected].
6. Security Measures
We implement comprehensive administrative, technical, and physical safeguards to ensure your data is protected against unauthorized access, alteration, disclosure, or destruction. These measures include:
– Data encryption in transit and at rest
– Access control and authentication procedures
– System monitoring and audit logging
– Regular security assessments and penetration testing
– Staff training and awareness programs
– Secure backups and data recovery systems
7. International Transfers
Your data may be transferred, stored, or processed outside of your country of residence, including to jurisdictions that may not provide the same level of data protection. Where such transfers occur, we put in place adequate legal safeguards compliant with GDPR, such as Standard Contractual Clauses approved by the European Commission or ensure that recipient jurisdictions are subject to adequacy decisions.
8. Data Retention
We retain personal data only for as long as it is necessary to fulfill the purposes for which it was collected, including the satisfaction of legal, contractual, and operational obligations. Specific retention periods include:
– Account and Transaction Data: Retained for up to 7 years for tax and accounting compliance.
– Usage and Technical Data: Up to 2 years for analytics and performance optimization.
– Marketing and Preference Data: Until consent is withdrawn or up to 3 years after last interaction.
– Communication Data: Retained for up to 5 years for support logs and dispute handling.
Once data is no longer needed, it is securely deleted or anonymized.
9. Cookie Policy
We use cookies and related technologies to improve user experience, analyze website traffic, and support marketing initiatives. This includes:
– Essential Cookies: Required for site operation, such as login, shopping cart, and account management.
– Functional Cookies: Support enhanced functionality, such as language preferences and user customization.
– Analytics Cookies: Track user behavior for performance insights, such as page popularity and navigation patterns.
– Performance Cookies: Monitor site performance, uptime, and user interaction metrics.
10. Cookie Management and Compliance
You may control or disable cookies through your browser settings or via our cookie consent management platform in accordance with GDPR and CCPA requirements. Upon your first visit to haifawehbeh.com, you will be presented with options to accept or reject different categories of cookies. Consent records are stored to demonstrate compliance.
California residents have additional rights under the CCPA, including the right to opt out of the sale of personal information. Although haifawehbeh.com does not sell personal information in exchange for monetary value, we honor California’s Do Not Sell My Personal Information framework for data sharing that may be considered “selling” under the CCPA’s broad definitions.
11. Children’s Privacy
Our website and services are not directed at children under the age of 13. We do not knowingly collect, use, or disclose personal data from individuals under 13 years of age without verifiable parental consent. If we become aware that we have inadvertently collected data from a child, we will take steps to delete such information promptly.
12. Policy Updates
We may revise this Privacy Policy from time to time to reflect legal, operational, or technological changes. Material updates will be communicated via prominent notices on haifawehbeh.com or through direct communication where appropriate. We encourage users to review this policy regularly to stay informed of how we protect their data.
13. Contact Us
For questions, concerns, or to exercise your privacy rights, please contact:
Email: [email protected]
We are committed to upholding the highest standards of data protection and privacy compliance in accordance with GDPR, CCPA, and other applicable laws. For any privacy-related concerns about your personal data and our data handling practices, you are welcome to reach out at any time.
