Privacy Policy for doc-elliott.com

1. Introduction

At doc-elliott.com (“we,” “our,” or “us”), we are committed to protecting and respecting your privacy. We understand the importance of safeguarding your personal data, and we take our responsibility to handle your information with care, transparency, and compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal data. We prioritize your privacy and implement rigorous practices and policies to maintain data integrity and confidentiality.

2. Scope of This Policy and Data Controller Role

This Privacy Policy applies to all visitors, users, and others who access the services provided through doc-elliott.com (the “Site”). It governs the processing of personal data collected through the Site, via direct interactions, or through third-party service providers we engage.

For purposes of applicable privacy legislation, doc-elliott.com acts as the “data controller” of your personal data, determining the purposes and means by which your information is processed. If you have any questions regarding data practices, you may contact us at [email protected].

3. Categories of Personal Data We Process

We may collect and process the following categories of personal data:

a) Usage Data
We collect information about your use of our Site and services, including your browser type, IP address, access times, pages viewed, referring URLs, and other diagnostic data related to your interaction with our digital platforms.

b) Account Data
This includes information you provide to create an account, such as your full name, physical address, email address, and telephone number.

c) Profile Data
We may maintain details about your interactions with our products and services, such as your preferences, purchase history, browsing behavior, frequency of engagement, and suggestions tailored to you.

d) Communication Data
Details exchanged through contact forms, customer service interactions, and support tickets, including correspondence history, email exchanges, and inquiry content, are saved to effectively manage communications.

e) Technical Data
Information relating to your device, such as your device model, operating system, hardware identifiers, system configurations, and software versions, may be collected automatically.

f) Transaction Data
Information related to purchases made through the Site, including payment method, transaction identifiers, billing and shipping addresses, transaction history, and order details, is collected and processed securely.

g) Preference Data
Marketing and communication preferences, opt-in or opt-out status, newsletter subscriptions, user feedback, and consent records for personalized communications are maintained.

4. Legal Bases for Processing

We rely on various legal grounds under the GDPR for collecting and processing your personal data:

– Performance of a Contract: Where processing is necessary to fulfill a contractual agreement, such as product delivery or account management.
– Consent: When we obtain your explicit consent for processing activities such as email marketing or non-essential cookies.
– Legitimate Interests: To improve our services, develop new offerings, prevent fraud, and ensure Site security, where such interests are not overridden by your rights.
– Legal Obligation: When processing is necessary to comply with legal and regulatory obligations.

Under CCPA, we also disclose information regarding the categories of personal information collected, the purpose for collection, and whether personal information is sold or shared.

5. Your Data Protection Rights

You are entitled to exercise the following rights under GDPR and, where applicable, the CCPA:

– Right of Access: You may request access to the personal data we hold about you.
– Right to Rectification: You can correct inaccurate, incomplete, or outdated data.
– Right to Erasure: You can request deletion of your personal data under certain conditions.
– Right to Restriction: You can ask us to restrict processing of your data where appropriate.
– Right to Data Portability: You may receive your personal data in a structured, commonly used, and machine-readable format, and request its transfer to another controller.
– Right to Object/Opt-Out: If you are a California resident, you may opt out of the sale or sharing of your data. You also have the right to object to specific processing purposes under the GDPR.

To exercise any of these rights, please contact us at [email protected]. Verification of identity may be required.

6. Security Measures

We implement robust technical and organizational measures to secure your personal data. These include:

– Use of encryption protocols (SSL/TLS) for data transmission
– Access controls and authentication systems
– Regular data backups
– Employee privacy training and access limitation to authorized personnel only

While no system can guarantee absolute protection, we continually assess and improve our practices to mitigate risks.

7. International Data Transfers

Your personal data may be transferred to countries outside your jurisdiction, including the United States. Where such transfers occur, we ensure appropriate safeguards are in place, including the use of Standard Contractual Clauses approved by the European Commission or reliance on adequacy decisions. We comply with applicable data protection laws in each relevant jurisdiction.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected:

– Usage and technical data: up to 12 months
– Account and profile data: for the life of the account and an additional 6 months post termination
– Transaction and communication data: retained for up to 7 years for legal and accounting purposes
– Preference and marketing consent data: until revocation of consent or after 24 months of inactivity

Once the retention period has elapsed, data will be securely deleted or anonymized.

9. Cookie Policy

We use cookies and similar technologies to enhance your browsing experience and gather analytics:

– Essential Cookies: Required for Site functionality and security
– Performance Cookies: Track Site performance to help us improve usability
– Functional Cookies: Remember user preferences and choices
– Analytics Cookies: Help us understand visitor usage through aggregated metrics

All cookies used on doc-elliott.com are set with a clear expiration and are deployed in a privacy-conscious manner.

10. Cookie Management and Compliance

Users can manage cookie preferences at any time by accessing their browser settings or by using consent management tools available on the Site. Under GDPR and CCPA, users have the right to withdraw consent for non-essential cookies, and to opt out of data sale or sharing where applicable.

Upon your first visit, a cookie banner will appear, requesting your explicit consent for the use of cookies. Continued browsing without consent may disable non-essential cookies by default.

11. Children’s Privacy

The services of doc-elliott.com are not intended for children under the age of 13. We do not knowingly collect or process data from individuals under 13 years of age. Should we become aware that personal data from a child has been inadvertently collected, we will take immediate steps to delete such data.

If you are a parent or guardian and believe we may have collected data from a child under 13, please contact us at [email protected].

12. Policy Updates and Notification

We may revise this Privacy Policy from time to time to reflect changes in law, updates to our services, or data practices. When changes are made, we will update this page accordingly. We encourage you to review the Privacy Policy regularly. Where appropriate, we will notify you through prominent notice on the Site or via direct communication.

13. Contact Us

For inquiries, requests to exercise your data rights, or concerns regarding this Privacy Policy or our data handling practices, please contact us at:

Email: [email protected]

We are committed to upholding your privacy rights and responding promptly to requests related to your personal data.

Compliance Statement

doc-elliott.com is committed to full compliance with applicable data protection laws including GDPR, CCPA, and other relevant regulations. If you have concerns or would like further information regarding how we protect your privacy, we welcome you to reach out directly at [email protected].