Home > Policies and Terms > Data Processing Policy
Data Processing Policy
At Cindabella, we are committed to protecting the privacy and security of personal information in accordance with applicable data protection laws and regulations.
This includes the Australian Privacy Act, New Zealand Privacy Act, Canadian Personal Information Protection and Electronic Documents Act, UK General Data Protection Regulation (UK GDPR), EU General Data Protection Regulation (EU GDPR), as well as the following US laws and regulations:
- California Consumer Privacy Act (CCPA)
- Children’s Online Privacy Protection Act (COPPA)
- Health Insurance Portability and Accountability Act (HIPAA)
- Gramm-Leach-Bliley Act (GLBA)
- Fair Credit Reporting Act (FCRA)
- Electronic Communications Privacy Act (ECPA)
- Computer Fraud and Abuse Act (CFAA)
- Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM)
Data Collection and Use
We collect and process personal information for legitimate business purposes, such as providing our services, improving our website and services, and communicating with our users.
The types of personal information we may collect include:
- Contact information (e.g. name, email address, phone number)
- Payment information (e.g. credit card number, billing address)
- User-generated content (e.g. comments, reviews)
- Technical data (e.g. IP address, browser type, device type)
We only process personal information that is necessary for the specific purposes for which it was collected. We may share personal information with third-party service providers who process data on our behalf, but we will always ensure that appropriate safeguards are in place to protect personal information.
Data Retention
We will only retain personal information for as long as necessary to fulfill the purposes for which it was collected, including any legal or regulatory requirements. We will securely delete or anonymize personal information when it is no longer needed.
Data Subject Rights
Individuals have the right to access, correct, delete, and restrict the processing of their personal information, as well as the right to data portability and to object to processing. Cindabella will respond to such requests in accordance with applicable data protection laws.
Security
We are committed to protecting personal information from unauthorized access, use, or disclosure. We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk of processing personal information.
Contact Us
If you have any questions or concerns about our data processing practices, or if you wish to exercise your data subject rights, please contact us at privacy@cindabella.com.
Updates to this Policy
We may update this policy from time to time to reflect changes in our data processing practices or applicable data protection laws. We encourage you to review this policy periodically for any updates.