Privacy Policy
At DIY Extreme (https://diy-extreme.com), we are firmly committed to safeguarding your privacy and ensuring the protection of your personal data. This Privacy Policy outlines the types of personal information we collect, how it is used and stored, and the rights you have over your data. We value transparency and are dedicated to complying with the applicable data protection regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
1. Introduction
DIY Extreme is deeply committed to maintaining the confidentiality and integrity of the personal data of its users and customers. We limit the use of your personal information to that which is strictly necessary for providing high-quality services, personalizing your experience, meeting our legal obligations, and enhancing your interactions with our website.
2. Scope of This Policy and Our Role as Data Controller
This Privacy Policy applies to all personal data collected or processed via the website diy-extreme.com. DIY Extreme acts as the Data Controller with respect to the personal data that you provide to us or that we collect while you interact with our website, services, or communications. For any data privacy inquiries, we may be contacted at [email protected].
3. Categories of Personal Data Processed
We may collect and process the following categories of personal data:
– Usage Data: Information such as IP addresses, browser types, pages visited, time spent on the site, session durations, and site navigation patterns.
– Account Data: Information you provide when creating an account, including your full name, shipping and billing addresses, email address, and telephone number.
– Profile Data: Data related to your consumer behavior and preferences, including purchase history, saved items, and browsing habits.
– Communication Data: Records of your interactions with customer service, including emails, support requests, and chat transcripts.
– Technical Data: Information about your device and system configuration, such as operating system, device identifiers, screen resolutions, and system language.
– Transaction Data: Payment-related data, including transaction date, product or service obtained, delivery details, and non-sensitive payment confirmation.
– Preference Data: Marketing and communication preferences, product interest data, and opt-in or opt-out status for promotional activities.
4. Legal Bases for Processing
We process your personal data lawfully under the following legal bases:
– Consent: Where required, we rely on your explicit consent to process certain categories of information, particularly for marketing activities and optional cookies.
– Contractual Necessity: Processing necessary to perform our contractual obligations, such as delivering products, managing your account, and providing support.
– Legal Obligation: Where processing is required to comply with statutory or regulatory obligations.
– Legitimate Interests: Where processing is necessary to manage and improve our business and customer relationships, provided that such interests are not overridden by your rights and interests.
5. Your Rights
You have the following rights in respect of your personal data, subject to applicable local laws:
– Right to Access: You may request confirmation of whether we process your data, and where we do, access to that data.
– Right to Rectification: You may request correction of inaccurate or incomplete personal information.
– Right to Erasure: You may request deletion of your personal information under certain circumstances.
– Right to Restriction: You may request restriction of processing where you contest the accuracy or legality of processing.
– Right to Data Portability: You have the right to receive personal data you provided to us in a structured, commonly used, and machine-readable format.
– Right to Object: Where we process your data based on legitimate interests or for direct marketing purposes, you may object to such processing.
To exercise any of these rights, please contact our Data Protection Officer at [email protected].
6. Security Measures
DIY Extreme implements and maintains appropriate technical and organizational safeguards to protect your data, including, but not limited to:
– End-to-end encryption for data transmission and storage;
– Role-based access control and authentication protocols;
– Regular system backups and disaster recovery plans;
– Periodic employee training on privacy and security best practices;
– Continuous monitoring to detect and respond to security threats.
7. International Data Transfers
Where personal data is transferred outside of the European Economic Area (EEA) or other jurisdictions with equivalent protections, we ensure such transfers are conducted in compliance with legal mechanisms, such as:
– Standard Contractual Clauses approved by the European Commission;
– Ensuring adequacy decisions are in place for the destination country;
– Implementing supplementary security measures where appropriate.
We take steps to ensure that your data receives a level of protection that complies with applicable privacy laws.
8. Data Retention
We retain personal data only as long as necessary for the purposes for which it was collected, including the fulfillment of legal, regulatory, contractual, and legitimate business requirements:
– Usage and Technical Data: Up to 12 months
– Account and Profile Data: For the duration of your account and up to 24 months thereafter
– Communication Data: Retained for 3 years for recordkeeping and dispute resolution
– Transaction Data: Stored for 7 years in compliance with financial and tax regulations
– Preference Data: Retained until updated by you or withdrawn
Upon expiration of the applicable retention period, personal data is securely deleted or anonymized.
9. Cookie Policy
diy-extreme.com uses cookies and similar technologies to enhance user experience, identify user preferences, and analyze site traffic. Cookies in use include:
– Essential Cookies: Necessary for website functionality, such as login authentication and security.
– Functional Cookies: Enable site personalization, detecting language and region preferences.
– Analytics Cookies: Measure usage patterns and behavior to improve performance and usability (e.g., Google Analytics).
– Performance Cookies: Monitor system performance and user journey to optimize the website.
10. Cookie Management and Compliance with GDPR and CCPA
Upon your first visit, you will be presented with a cookie consent banner. You can manage your cookie preferences directly on our website using the cookie settings tool. You may also modify your internet browser settings to refuse non-essential cookies or notify you when cookies are sent. For CCPA-compliant opt-out mechanisms, California residents can exercise their “Do Not Sell My Personal Information” rights via the dedicated link in our website footer.
11. Special Protections for Children Under 13
Our website and services are not directed to children under the age of 13. We do not knowingly collect personal information from minors under 13 without verified parental consent. If we become aware that information has been collected from a child without such consent, we will take appropriate steps to delete such personal data.
12. Policy Updates and User Notifications
We may update this Privacy Policy periodically to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. Updated versions will be posted on diy-extreme.com, and in cases of material changes, we will provide enhanced notice through prominent site banners or direct user notice where required by law.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:
We will respond to all legitimate inquiries as promptly as possible and in accordance with applicable laws and regulations.
This Privacy Policy affirms our commitment to privacy, accountability, and regulatory compliance pursuant to GDPR, CCPA, and other applicable legal frameworks. If you have concerns regarding your data privacy or wish to exercise your rights, we welcome you to reach out through the contact email provided.