Privacy Policy
At DIY Extreme (“we,” “us,” or “our”), accessible via diy-extreme.com (the “Website”), your privacy is of paramount importance to us. We are committed to protecting the personal data of our users and ensuring transparency regarding how we collect, process, store, and use your information. This Privacy Policy outlines your rights, our responsibilities, and the choices you can make regarding your data in accordance with applicable privacy regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
1. Commitment to Privacy and Data Protection
We understand the significance of safeguarding your personal information and conduct all data processing activities in compliance with international privacy laws. DIY Extreme ensures appropriate legal, technical, and organizational safeguards are in place to protect your data and provide a privacy-first user experience throughout diy-extreme.com.
2. Scope of This Policy and Role of Data Controller
This Privacy Policy governs the collection and use of personal data through diy-extreme.com and applies to all individuals who visit our Website, create an account, purchase products, or engage with us in any manner. For the purposes of GDPR and other relevant data protection laws, DIY Extreme is the data controller responsible for the processing of your personal data collected via diy-extreme.com.
3. Categories of Data We Process
We collect and process various categories of personal data for specific purposes:
a. Usage Data
Includes IP address, browser type, operating system, referral URLs, page visits, session duration, and actions taken on the Website.
b. Account Data
Includes your full name, billing and shipping address, email address, phone number, and login credentials where applicable.
c. Profile Data
Includes your saved preferences, previously viewed items, purchase history, cart behavior, and other on-site behavioral data.
d. Communication Data
Includes messages sent to our customer support, queries submitted through contact forms, feedback, and related correspondence history.
e. Technical Data
Includes device attributes, system and performance diagnostics, configurations, language settings, and crash logs.
f. Transaction Data
Includes payment card information (processed securely via third parties), order details, delivery information, invoice data, and transaction histories.
g. Preference Data
Includes your consents for marketing communications, product interest tags, and interaction with promotional campaigns.
4. Legal Bases for Processing Your Data
We process your personal data only where we have a lawful basis to do so, including:
– Consent: If you voluntarily provide consent (e.g., subscribing to a newsletter).
– Contractual Necessity: When processing is required to fulfill a contract with you, such as completing an order.
– Legal Obligation: When compliance with a legal or regulatory obligation is necessary.
– Legitimate Interests: Where processing is justified by our legitimate interest in operating, improving, and securing the Website, so long as those interests do not override your fundamental rights.
5. Your Data Protection Rights
You have the following rights regarding your personal data, subject to applicable law:
– Right to Access – obtain confirmation of whether we hold your data and access to that data.
– Right to Rectification – request corrections to inaccurate or incomplete data.
– Right to Erasure – request deletion of your data, subject to contractual or legal retention obligations.
– Right to Restriction – ask us to restrict certain processing activities where appropriate.
– Right to Data Portability – request a portable copy of your personal data in a commonly used, machine-readable format.
– Right to Object – object to processing based on our legitimate interests or for direct marketing purposes.
To exercise any of these rights, contact us at [email protected]. We may require verification of your identity before processing your request.
6. Security Measures
We implement advanced security controls to maintain the integrity and confidentiality of your data:
– Data encryption in transit (via HTTPS) and at rest where applicable.
– Strict access controls ensuring that only authorized personnel can access your information.
– Periodic data backups and redundancy protocols to prevent data loss.
– Employee training on data privacy and secure data handling practices.
7. International Transfers
Your data may be processed and stored outside your country of residence, including in countries that may not have data protection laws equivalent to those in your jurisdiction. In such cases, we rely on appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission, to ensure the protection of your data during international transfers.
8. Data Retention
We retain your data only for as long as needed for the purposes described in this Policy, including:
– Usage Data: 12 months
– Account & Profile Data: For as long as your account remains active and up to 24 months after deactivation
– Communication Data: 36 months from the date of last correspondence
– Transaction Data: 7 years for financial compliance
– Preference Data: Updated or removed upon changes or withdrawal of consent
Once data is no longer required, it is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar technologies to optimize user experience and Website performance. Cookies fall under the following categories:
– Essential Cookies: Necessary for basic site functionality and security.
– Functional Cookies: Enhance site personalization and save preferences.
– Analytics Cookies: Help us understand how users navigate and engage with the Website (e.g., Google Analytics).
– Performance Cookies: Measure page load speeds and system diagnostics to improve service quality.
10. Cookie Management & GDPR/CCPA Compliance
You can manage your cookie preferences through the cookie banner or your browser settings. Under both GDPR and CCPA, you have the right to opt out of the sale or sharing of personal information collected via cookies or third-party trackers. DIY Extreme does not sell your personal data in the traditional sense. However, where data may be shared with advertising networks, appropriate consent mechanisms and opt-outs are provided in accordance with applicable law.
To adjust your cookie settings or manage consent, visit the cookie consent manager on diy-extreme.com or update preferences through your browser.
11. Children’s Privacy – Users Under 13
We do not knowingly collect or solicit personal information from children under the age of 13. If you are a parent or guardian and believe that a child under your care has provided us with personal data, please contact us at [email protected], and we will promptly take steps to delete such information.
12. Policy Updates & Notifications
We may update this Privacy Policy to reflect changes in our practices, technologies, legal requirements, or for other operational or regulatory reasons. When changes are material, we will notify you via a prominent notice on diy-extreme.com or other appropriate communications. We encourage users to review this Policy regularly to stay informed.
13. Contact Us
If you have questions, concerns, or requests related to this Privacy Policy, or if you wish to exercise any of your privacy rights, please reach out to our Privacy Team at:
Email: [email protected]
We are committed to maintaining the highest standards of data protection and welcome feedback to continually improve how we manage your information.
Your privacy is important. At DIY Extreme, we uphold our obligation to comply fully with GDPR, CCPA, and all relevant privacy frameworks. For any inquiries or concerns regarding your personal data, contact us at [email protected].