Privacy Policy for TomatPontyPark.com

1. Introduction

At TomatPontyPark.com (“we”, “our”, or “us”), your privacy is of utmost importance to us. We are committed to protecting the personal data and information you share with us and ensuring transparency in how it is collected, processed, stored, and used. This Privacy Policy outlines your rights and our responsibilities in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data privacy laws. We adhere to a privacy-first approach to safeguard your data and provide you with control over your personal information.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all users who visit or interact with the website tomatpontypark.com. For the purposes of data protection laws, we serve as the Data Controller of your personal data where you provide such data directly or indirectly through your use of our website and services. As Data Controller, we determine the purposes and means of processing your personal information.

3. Categories of Data Processed

We collect and process different categories of personal data which include:

a. Usage Data
Information on how you access and use tomatpontypark.com, such as IP addresses, browser types, operating systems, device identifiers, pages visited, visit duration, and interaction data.

b. Account Data
Details you provide during account creation or ordering processes, which may include your name, physical address, email address, and phone number.

c. Profile Data
Preferences, purchase history, browsing activity, and behavioral patterns while engaging with our services.

d. Communication Data
Content and metadata from support inquiries, feedback forms, emails, or other interactions submitted through tomatpontypark.com or via our contact address.

e. Technical Data
Device- and system-related information such as software versions, language settings, network identifiers, hardware specifications, and error logs.

f. Transaction Data
Details related to purchases, payments, billing addresses, order records, shipping details, and financial interactions (processed via secure third-party providers).

g. Preference Data
Marketing and communication preferences, including opt-in or opt-out requests for newsletters, promotions, and product updates, as well as areas of product interest.

4. Legal Bases for Processing

We only process personal data when we have a lawful basis under applicable regulations. These bases include:

– Consent: Where you have granted us explicit permission to process your data.
– Contractual Necessity: Where processing is necessary to fulfill a contract with you or to take steps at your request prior to entering into a contract.
– Legitimate Interests: When our processing is required for the purpose of legitimate interests pursued by us or third parties, provided such interests are not overridden by your rights and freedoms.
– Legal Obligations: When required for compliance with legal responsibilities or regulatory requirements.

5. Your Rights

Subject to applicable laws, you have a number of rights related to how your personal data is processed:

– Right to Access: Receive confirmation and a copy of personal data we hold about you.
– Right to Rectification: Request correction of inaccuracies in your personal information.
– Right to Erasure (“Right to be Forgotten”): Request deletion of your data under certain conditions.
– Right to Restriction: Limit how we process certain personal data in specific circumstances.
– Right to Data Portability: Obtain and reuse your personal data across different services.
– Right to Object: Object to processing based on our legitimate interests or for direct marketing purposes.
– Right not to be subject to Automated Decision-Making: You will not be subject to decisions that significantly impact you based solely on automated processing.

To exercise any of these rights, please contact us at [email protected].

6. Security Measures

We employ industry-standard security practices to protect your information, including:

– End-to-end and at-rest data encryption.
– Role-based and multi-factor access controls.
– Routine security audits and vulnerability testing.
– Regular staff training focused on data privacy and handling.
– Secure backups with restricted access protocols.

While we strive to use commercially acceptable means to protect your personal data, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

7. International Transfers

Some of the parties we work with may be located outside of your country of residence, including jurisdictions without the same level of data protection. Where such transfers occur, we rely on adequacy decisions or implement safeguards such as Standard Contractual Clauses approved by the European Commission. All international data transfers are performed in compliance with the GDPR, CCPA, and applicable privacy regulations.

8. Data Retention

We retain your personal data only as long as necessary to fulfill the purposes outlined in this Policy, or as required by law. Retention durations include:

– Usage, Technical, and Preference Data: 12-24 months for analytics and personalization.
– Account, Profile, and Transaction Data: 7 years for regulatory and tax compliance.
– Communication Data: 3 years following the last interaction.

After retention periods expire, data is securely deleted, anonymized, or archived in a non-identifiable format.

9. Cookie Policy

Tomatpontypark.com uses cookies and similar technologies to optimize user experience, enhance functionality, and analyze traffic patterns. Categories include:

– Essential Cookies: Required to operate the website and enable core services.
– Functional Cookies: Remember your preferences and settings.
– Analytics Cookies: Track usage to improve site performance and features.
– Performance Cookies: Monitor technical performance and detect errors.

No personal data is collected via cookies unless explicitly provided.

10. Cookie Management and Compliance

You can manage your cookie preferences at any time through your browser settings or via our Cookie Consent banner. In compliance with GDPR and CCPA, we do not install non-essential cookies without your explicit consent. Where required, we request affirmative opt-in to place personal data tracking cookies.

You have the right to:

– Know what data is collected using cookies.
– Refuse non-essential cookies.
– Withdraw consent at any time.

11. Special Protections for Children Under 13

Our services are not directed at, nor do we knowingly collect personal data from, children under the age of 13. If we become aware that a child under 13 has provided us with personal information, we will take prompt steps to delete such data. Parents or guardians who believe their child has shared information with us may contact [email protected] for resolution.

12. Policy Updates & User Notifications

We reserve the right to revise this Privacy Policy at any time in response to evolving legal, technical, or business developments. When changes are made, we will notify users via tomatpontypark.com or direct communication channels where appropriate, and update our on-site documentation. Continued use of our services following changes constitutes acceptance of the updated terms.

13. Contact

For questions regarding your privacy, concerns about this Privacy Policy, or to exercise any of your data rights, please contact us at:

Email: [email protected]
Website: https://tomatpontypark.com

We are committed to full compliance with data protection laws and welcome your engagement to ensure your rights are upheld. If you have any questions or concerns about your personal data or this Privacy Policy, please do not hesitate to reach out.