PRIVACY POLICY

1. Introduction

At nzchmemorial.com, we are committed to respecting your privacy and protecting your personal data. This Privacy Policy outlines how we collect, use, store, and share your information when you visit our website, communicate with us, or use our services. Our practices are designed to ensure the confidentiality, integrity, and security of personal data, aligning with applicable privacy laws including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

2. Scope of this Policy and Data Controller

This Privacy Policy applies to all personal data collected through nzchmemorial.com. For the purposes of data protection law, nzchmemorial.com is the Data Controller of the information you provide to us. If you have any questions regarding this policy or your personal data, our designated contact is reachable at [email protected].

3. Categories of Data Processed

We collect and process several categories of personal data:

a. Usage Data: This includes information such as your IP address, browser type, browser version, pages visited, time and date of visit, time spent on pages, and other diagnostic data automatically collected when you use our website.

b. Account Data: Information you provide when creating an account or engaging with our services, including your full name, billing and shipping address, email address, and phone number.

c. Profile Data: Data relating to your preferences, interests, past orders, and browsing behavior on our site.

d. Communication Data: Records of correspondence with you, such as inquiries, support requests, feedback, or any other interaction with our support and communications teams.

e. Technical Data: Includes device identifiers, operating system, settings, and other technical information collected from your device when you access our services.

f. Transaction Data: Payment details (excluding full card numbers), transaction history, order confirmations, and shipping information.

g. Preference Data: Data related to marketing subscriptions, opt-in/opt-out statuses, product preferences, and areas of interest.

4. Legal Bases for Processing

We rely on several legal bases for processing your personal data, as permitted under GDPR and other applicable legislation:

– Consent: Where legally required, we will obtain your consent before processing your data (e.g., for marketing communications).
– Contractual Necessity: When processing is necessary to fulfill a contract with you or perform pre-contractual measures (e.g., order fulfillment).
– Legal Obligation: Where we are required to comply with a legal obligation (e.g., tax or accounting laws).
– Legitimate Interest: When processing is required for our legitimate interests, such as improving the website, securing our services, or developing new products, provided that such interests are not overridden by your fundamental rights.

5. Your Rights

Under applicable data protection laws, you have the following rights:

– Right of Access – You may request access to the personal data we hold about you.
– Right to Rectification – You can request correction of inaccurate or incomplete personal data.
– Right to Erasure – You can request deletion of your data under certain conditions.
– Right to Restrict Processing – You may request that we limit the processing of your information.
– Right to Data Portability – You have the right to receive your data in a structured, commonly used, and machine-readable format and to transmit it to another controller.

To exercise your rights, please contact us at [email protected]. We will respond in accordance with applicable data protection laws.

6. Security Measures

We implement a comprehensive suite of measures to protect your personal data, including:

– End-to-end encryption for data transmission;
– Controlled access to systems and data;
– Regular data backups and disaster recovery processes;
– Ongoing privacy and data protection training for employees;
– Monitoring and assessment of data security frameworks and partners.

Despite our best efforts, no transmission of data over the internet or method of electronic storage is entirely secure. We urge all users to protect their account information and contact us immediately in the event of any suspected breach.

7. International Transfers

Your personal data may be transferred to, stored in, or processed in countries outside your jurisdiction. When doing so, we ensure such transfers are carried out in accordance with applicable legal standards, including the use of Standard Contractual Clauses approved by the European Commission or appropriate safeguards under the CCPA.

8. Data Retention

We retain your personal data only as long as necessary for the purposes for which we collected it, including for satisfying legal, contractual, accounting, and reporting requirements. Generally:

– Usage Data is retained for up to 12 months following collection;
– Account Data is retained as long as your account is active and for up to 7 years thereafter;
– Communication and Support Data is retained for 3 years;
– Transaction and Financial Data is retained for 7 years per legal obligations;
– Marketing and Preference Data is retained until you withdraw consent or for up to 5 years after last engagement.

9. Cookie Policy

Our website uses cookies and similar technologies to enhance user experience:

– Essential Cookies: Necessary for navigating and using key site features.
– Functional Cookies: Enable personalization such as remembered preferences.
– Analytics Cookies: Help us understand how users interact with nzchmemorial.com through aggregated usage data.
– Performance Cookies: Used to improve speed, usability, and responsiveness of our services.

10. Cookie Management and Compliance

By using our website, you consent to our use of non-essential cookies in accordance with this policy. Where required by GDPR, you will be prompted with a cookie consent banner allowing you to accept or manage your preferences before cookies are set.

You may manage your cookie preferences at any time via the cookie settings panel on our website or through your browser settings.

Under CCPA, California residents also have the right to opt out of the sale or sharing of their personal information collected via cookies. We honor all Do Not Track (DNT) and Global Privacy Control (GPC) signals received in the appropriate format.

11. Protection of Children’s Privacy

Our website is not intended for use by children under the age of 13. We do not knowingly collect personal data from children without verifiable parental consent. If you believe that a child has provided us with personal data without proper authorization, please contact us immediately at [email protected] so that we may investigate and delete such information as appropriate.

12. Updates to this Policy

We reserve the right to amend this Privacy Policy from time to time. Changes will be reflected on this page along with an updated version of the policy. Where material changes affect your rights or how we process your personal data, we will make reasonable efforts to notify registered users via email or prominent on-site notification.

13. Contact Us

If you have any questions, concerns, or requests related to this Privacy Policy or our handling of your personal data, please contact us at:

Email: [email protected]
Website: nzchmemorial.com

We are fully committed to complying with the GDPR, CCPA, and all applicable data protection laws. Please reach out to us with any privacy-related concerns, and we will ensure a prompt and responsible response.