Privacy Policy for thenoiralbum.com

1. Introduction
At thenoiralbum.com (“we”, “us”, or “our”), we are committed to safeguarding the privacy and personal data of our users. We recognize the importance of protecting your personal information and are dedicated to complying fully with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant statutes. This Privacy Policy outlines how we collect, process, store, and protect your personal data when you visit or interact with thenoiralbum.com (the “Website”).

2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all visitors, users, and others who access or use our Website. For the purposes of data protection laws, thenoiralbum.com is the data controller of your personal data collected through the Website. As data controller, we determine the purposes and means of processing your personal data.

You may contact us regarding data protection matters at [email protected].

3. Categories of Data Processed
We may collect and process the following categories of personal data:

i. Usage Data
We collect data on how you interact with the Website, including but not limited to your IP address, browser type and version, device identifiers, pages viewed, session durations, referral sources, and timestamps. This information helps us analyze usage patterns and improve the user experience.

ii. Account Data
If you create an account or place an order, we may collect your full name, billing address, shipping address, email address, and phone number to facilitate account administration and fulfill contractual obligations.

iii. Profile Data
This includes data related to your account preferences, purchase history, behavioral metrics, marketing interactions, and interests in our products or content.

iv. Communication Data
When you contact us—whether via email, contact form, or customer support—your queries, feedback, and communication history may be stored to ensure efficient support and resolve issues.

v. Technical Data
We collect certain technical information such as device type, operating system version, system language, time zone settings, and software configurations to ensure compatibility and performance of the Website.

vi. Transaction Data
When you make purchases through the Website, we may collect payment details (such as last four digits of your credit card), transaction references, shipping details, and fulfillment records. We utilize trusted third-party payment processors and do not store full payment information on our servers.

vii. Preference Data
This includes your marketing preferences, subscription status, product interest indicators, and consents for data usage and communication.

4. Legal Bases for Processing
We process your personal data under the following lawful bases:

– Consent: Where you have given explicit permission for certain types of data processing (e.g., marketing communications).
– Contract: Where processing is necessary for the performance of a contract or to take steps at your request before entering into one.
– Legal Obligation: Where we are required to process personal data to comply with the law.
– Legitimate Interests: To improve our Website, enforce terms of service, detect fraud, and analyze usage patterns, provided such interests are not overridden by your rights and freedoms.

5. Your Rights
As a data subject, you have the following rights under applicable data protection laws:

– Right of Access: You may request access to the personal data we hold about you.
– Right to Rectification: You may request that we correct inaccurate or incomplete data.
– Right to Erasure (“Right to be Forgotten”): You may request deletion of your data under specific circumstances.
– Right to Restriction: You may request limitation on the processing of your data.
– Right to Data Portability: You are entitled to receive your data in a structured, commonly used, and machine-readable format and have it transferred to another controller.
– Right to Object: You may object to processing based on legitimate interests or for direct marketing purposes.

To exercise your rights, please email us at [email protected]. We may require you to verify your identity before fulfilling certain requests.

6. Security Measures
We implement robust organizational and technical security measures to safeguard your personal data. These include but are not limited to:

– Encryption of data in transit and at rest
– Access control protocols and multi-factor authentication for internal systems
– Regular backups and redundancy procedures
– Employee training in data protection and incident response
– Internal audits and monitoring to detect unauthorized access or data misuse

7. International Transfers
If personal data is transferred outside your jurisdiction (including transfers outside the European Economic Area), we ensure adequate safeguards are in place such as:

– Standard Contractual Clauses approved by the European Commission
– Transfers to jurisdictions recognized as providing an adequate level of data protection
– Binding Corporate Rules or other lawful transfer mechanisms under GDPR and other applicable laws

8. Data Retention
We retain personal data only as long as necessary for the purposes for which it was collected or to comply with legal, regulatory, or reporting obligations. Specific retention periods include:

– Account and Profile Data: Retained for the duration of the account and up to 3 years after inactivity.
– Transaction Data: Retained for 7 years for accounting and tax purposes.
– Communication Data: Retained for 2 years unless further correspondence occurs.
– Technical and Usage Data: Typically retained for up to 12 months unless anonymized.

After these periods, data is securely deleted or anonymized.

9. Cookie Policy
We use cookies and similar tracking technologies to enhance your browsing experience and analyze website traffic. Cookies fall into the following categories:

– Essential Cookies: Required for the Website to function correctly; they facilitate navigation and secure login.
– Functional Cookies: Enable personalized features, such as remembering user preferences.
– Analytics Cookies: Used to measure Website performance and understand user behavior through tools like Google Analytics.
– Performance Cookies: Assist in load balancing and ensure responsive service.

10. Cookie Management and User Consent
In compliance with GDPR and CCPA, we obtain user consent before deploying non-essential cookies. You may manage your cookie preferences through our website banner or browser settings. Additionally, tools such as the Global Privacy Control (GPC) signal are honored, where applicable.

You may refuse all cookies except those strictly necessary by adjusting your settings. Disabling certain categories of cookies may impact your user experience.

11. Children’s Privacy
We do not knowingly collect or process personal data from individuals under the age of 13. If we become aware that we have inadvertently obtained data from a child under 13, we will take reasonable steps to delete such data without delay. If you believe that a child has provided us with personal data, please contact us at [email protected].

12. Policy Updates and Notifications
We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices or legal requirements. If material changes are made, we will provide prominent notice through the Website, and if necessary, seek renewed consent in accordance with applicable law.

13. Contact
For any questions, concerns, or requests related to this Privacy Policy or your personal data, you are encouraged to contact us:

Email: [email protected]

You may also use this email to submit formal requests regarding your data rights under GDPR or CCPA.

We are committed to full compliance with data protection laws and to maintaining the trust and confidence of all users of thenoiralbum.com. For any privacy-related matters, please do not hesitate to reach out.