Privacy Policy for nfcoman.com
1. Introduction
At nfcoman.com, we are committed to safeguarding your privacy and ensuring the protection of your personal data. Your trust is important to us, and we are dedicated to maintaining strict privacy-first practices in line with global data protection regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, use, share, and protect your personal information and your rights with respect to that data.
2. Scope and Data Controller
This Privacy Policy applies to personal data collected through your use of the website nfcoman.com and any associated services, communications, or transactions. For the purposes of GDPR and other relevant data protection laws, the data controller responsible for your personal data is N.F. Company, which can be contacted at [email protected].
3. Categories of Data Processed
We collect and process various categories of personal data in the course of operating our website and services:
a. Usage Data
Includes information about how you use our website such as browser type, operating system, IP address, access times, visited pages, session duration, and referring URLs.
b. Account Data
Information provided when creating or maintaining an account with us, including full name, mailing address, email address, and telephone number.
c. Profile Data
Details linked to your user preferences, purchase history, on-site behavior, saved items, and personalization choices.
d. Communication Data
Includes records of your interactions with our support and services teams, contact form submissions, inquiries, and any other correspondence.
e. Technical Data
Encompasses device identifiers, system configuration data, screen resolution, mobile network information, and browser plug-in types.
f. Transaction Data
Includes payment information (processed by third-party providers), billing/shipping addresses, product order details, and delivery confirmations.
g. Preference Data
Captures your communication preferences, marketing consents, survey responses, and interests regarding our products and services.
4. Legal Bases for Processing
We process your personal data on the following lawful grounds:
– Performance of a Contract: When data is necessary to fulfill a contractual obligation, such as processing orders or account management.
– Consent: Where required by law for marketing communications and unnecessary cookies, we obtain your explicit consent.
– Legitimate Interest: We process usage and technical data to improve our website functionality, protect against fraud, and ensure system integrity.
– Legal Obligation: Some processing may be required to comply with applicable laws or respond to lawful requests from authorities.
5. Your Rights
Subject to the conditions set forth in relevant legislation, you are entitled to the following rights with respect to your personal data:
– Right of Access: You have the right to request confirmation whether we process your personal data and request a copy of that data.
– Right to Rectification: You may request that inaccurate or incomplete data be corrected.
– Right to Erasure: In certain circumstances, you may request that we delete your data (“right to be forgotten”).
– Right to Restriction: You may request a temporary halt to processing under specific conditions.
– Right to Data Portability: You are entitled to receive your data in a structured, commonly used digital format and transfer it to another controller.
Requests to exercise any of these rights can be submitted via email to [email protected].
6. Security Measures
We implement appropriate technical and organizational safeguards to ensure the confidentiality, integrity, and availability of your data. These safeguards include but are not limited to:
– End-to-end encryption for data transfers
– Firewalls and intrusion detection systems
– Role-based access controls for employees
– Periodic data backups and disaster recovery protocols
– Staff privacy training and vetting procedures
7. International Data Transfers
Where personal data is transferred outside the European Economic Area (EEA) or other jurisdictions with data protection laws, such transfers are secured through Standard Contractual Clauses, adequacy decisions, or other lawful mechanisms to ensure your information receives equivalent protection.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected. Specific retention periods include:
– Account Data, Profile Data: Retained for the duration of the account and up to five years after closure.
– Transaction Data: Retained for legal and tax compliance up to ten years.
– Communication Data: Retained for three years for dispute resolution and service improvement.
– Usage and Technical Data: Typically anonymized and retained for analytics up to two years.
– Preference Data: Retained for the duration of marketing activities or until you withdraw consent.
After such periods, data is either securely erased or anonymized for statistical purposes.
9. Cookie Policy
Our website uses cookies and similar tracking technologies for the following purposes:
– Essential Cookies: Necessary for site functionality (e.g., authentication, session management).
– Functional Cookies: Enhance site performance and remember user preferences.
– Analytics Cookies: Track website usage to improve user experience and gather statistical data.
– Performance Cookies: Support testing and performance optimization.
Cookies may be first-party (set by nfcoman.com) or third-party (e.g., Google Analytics).
10. Cookie Management and Compliance
Upon visiting nfcoman.com, users are presented with a cookie banner to provide or refuse consent for non-essential cookies in compliance with GDPR and CCPA. You may manage your preferences or withdraw consent at any time using the cookie settings available on the site or via your browser controls.
Under CCPA, California users may also opt out of the “sale” of personal information (as defined by CCPA), even though nfcoman.com does not sell personal data as traditionally defined.
11. Children’s Privacy
Our services are not intended for, nor directed to, children under the age of 13. We do not knowingly collect or process personal data belonging to children without verified parental consent. If you believe we may have received such information, please contact us promptly at [email protected].
12. Policy Updates
We reserve the right to update or modify this Privacy Policy as required to reflect changes in legal, regulatory, or operational requirements. We encourage users to review this page periodically. Where material changes are made, users may be notified via email or via an in-site banner notification.
13. Contact
If you have any questions or concerns regarding this Privacy Policy, or wish to exercise your data protection rights, please contact us at:
Email: [email protected]
We are committed to upholding your privacy and ensuring compliance with all applicable data protection regulations. We encourage you to reach out with any privacy-related inquiries or requests.