Privacy Policy for Token Savvy Labs
1. Introduction
At Token Savvy Labs, accessible at https://tokensavvylabs.com, we value your privacy and are fully committed to safeguarding your personal data in accordance with applicable data protection legislation, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy explains how we collect, process, share, and protect your information when you interact with our website and services. We uphold a privacy-first approach by ensuring transparency, accountability, and user empowerment in handling your information.
2. Scope of Policy and Role as Data Controller
This Privacy Policy applies to all users, visitors, and customers of Token Savvy Labs and governs the processing of personal information collected via our website or through any direct interactions. Token Savvy Labs acts as the data controller for all personal data collected and processed via tokensavvylabs.com. As the data controller, we decide the purposes and means of processing your personal information in compliance with applicable laws.
3. Categories of Data Processed
We collect the following categories of personal data depending on your interaction with our services:
A. Usage Data: Information about how you use our website, such as IP address, browser type, access times, pages viewed, referring URLs, and session duration.
B. Account Data: Information you provide when creating an account or placing an order, such as your name, billing/shipping address, email address, and phone number.
C. Profile Data: Information relating to your preferences, purchase history, and on-site behavior including saved items, interests, and personalized recommendations.
D. Communication Data: Records of your correspondence with us, including email exchanges, support tickets, feedback submissions, and other communications.
E. Technical Data: Device information such as operating system, device type, browser settings, screen resolution, and system configurations used to access our services.
F. Transaction Data: Details about products or services you purchase or inquire about, including transaction history, purchase date, order fulfillment, and payment information.
G. Preference Data: Your communications preferences, marketing opt-ins, newsletter subscriptions, and selected interests.
4. Legal Bases for Processing
We process your personal data under the following lawful bases, depending on the nature of the data and the context in which we collect it:
– Consent: When you give explicit permission for specific data processing, such as for receiving marketing emails.
– Contractual Necessity: When processing is necessary to fulfill our obligations under a contract with you, such as providing purchased services or products.
– Legal Obligation: Where we are required by law to retain or disclose certain information.
– Legitimate Interests: When processing is necessary for the performance of our business functions, provided these interests are not overridden by your rights or freedoms—for example, maintaining security and improving our website.
5. Your Data Protection Rights
As a data subject, you have the following rights under GDPR and CCPA (where applicable):
– Right of Access: You may request access to the personal data we hold about you.
– Right to Rectification: You can request correction of any inaccurate or incomplete data.
– Right to Erasure: You have the right to request deletion of your personal data, subject to applicable legal requirements.
– Right to Restrict Processing: You may request that we limit the processing of your data under specific circumstances.
– Right to Data Portability: You can obtain and reuse your data for your own purposes across different services.
– Right to Object: You have the right to object to specific types of data processing, including direct marketing.
To exercise any of these rights, contact us at [email protected]. We will respond to all requests in accordance with applicable legislation.
6. Security Measures
We are committed to securing your data with appropriate technical and organizational safeguards, such as:
– Encryption of data in transit and storage using industry standards.
– Implementation of role-based access controls and authenticated logins.
– Regular security audits and system vulnerability assessments.
– Secure data backup protocols with disaster recovery planning.
– Ongoing employee training and awareness on data protection practices.
7. International Data Transfers
Where personal data is transferred outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place, such as the execution of Standard Contractual Clauses or reliance upon adequacy decisions by the European Commission. We also ensure compliance with regional privacy laws, including the UK GDPR and CCPA.
8. Data Retention
We retain your personal information no longer than is necessary for the purposes for which it was collected, including compliance with legal, regulatory, tax, accounting, or reporting obligations. The retention periods are as follows:
– Usage and Technical Data: Up to 24 months, unless anonymized for analytical use.
– Account and Transaction Data: Up to 7 years post-contract for compliance and auditing.
– Communication Data: Retained for up to 3 years from last contact.
– Marketing Preferences and Profile Data: Retained until consent is withdrawn or the profile is deleted.
Once the retention period expires, or upon your request subject to legal constraints, we securely delete or anonymize the data.
9. Cookie Policy
We use cookies and similar tracking technologies on https://tokensavvylabs.com for the following purposes:
– Essential Cookies: Necessary for website functionality and security.
– Functional Cookies: Enhance user experience by remembering preferences.
– Analytics Cookies: Collect anonymized usage metrics to improve performance and usability.
– Performance Cookies: Monitor site performance and identify issues affecting user experience.
These cookies may be set by us or by third-party service providers on our behalf.
10. Cookie Management and Compliance
You have control over your cookie preferences. Upon visiting our website, you will be presented with a cookie consent banner allowing you to accept, reject, or manage cookies in compliance with GDPR and CCPA regulations. You may also change your preferences at any time through your browser settings or by revisiting the cookie settings on our site. Do Not Track (DNT) signals are honored where applicable.
11. Children’s Privacy
Our website and services are not directed to individuals under the age of 13. We do not knowingly collect or solicit data from children under 13 years of age. If we become aware that we have collected such data, we will delete it without delay. Parents or legal guardians who believe their child may have provided us with personal data should contact us at [email protected].
12. Policy Updates and Notifications
We reserve the right to modify this Privacy Policy at any time to reflect changes in our practices or applicable laws. If material changes are made, we will provide clear notice via our website or, where required, through direct communication. Please review this policy periodically to stay informed about how we protect your information.
13. Contact Us
If you have any questions, concerns, or requests related to this Privacy Policy or your personal data, you may contact us via:
Email: [email protected]
We are committed to complying with all applicable data protection laws and ensuring that your privacy is respected, protected, and prioritized. Please feel free to reach out to us with any privacy-related inquiries or complaints.