Privacy Policy - Squid Ninja Records

We at Squid Ninja Records (“Company,” “we,” “us,” or “our”) are committed to protecting your privacy and safeguarding your personal data. This Privacy Policy outlines how we collect, use, store, and share your personal information when you interact with our website and services at squidninjarecords.com (the “Site”), and details your rights under applicable privacy laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).

1. Commitment to Privacy and Data Protection

We take the privacy of our users very seriously. We strive to maintain the highest standards of data security and transparency in accordance with established privacy regulations. This Policy is designed to give you clear and detailed information about our data practices and how you can exercise control over your information.

2. Scope of This Policy and Role as Data Controller

This Privacy Policy applies to all personal data collected through squidninjarecords.com, including related communications, purchases, services, and interactions. For the purposes of GDPR and other applicable laws, Squid Ninja Records is the “data controller” for your personal data. This means we determine the purposes and methods of processing your information.

3. Categories of Data We Process

We may collect and process the following categories of personal data:

– Usage Data: Includes information about how you use the Site, such as IP address, browser type, time zone settings, referring/exit pages, session duration, and site interactions.

– Account Data: Personal details provided when creating an account or placing an order such as your full name, mailing and billing address, email address, and phone number.

– Profile Data: Includes your preferences, purchase history, browsing behavior, saved favorites, and other personal settings related to your experience on squidninjarecords.com.

– Communication Data: Records of communications submitted through contact forms, customer support inquiries, and any other direct correspondence with us.

– Technical Data: Includes device characteristics, operating system, hardware model, mobile network information, and other system configurations.

– Transaction Data: Includes purchase details, payment method, billing and delivery information, and transaction history.

– Preference Data: Includes your marketing and communication preferences, email opt-in status, and product interests.

We do not collect or store sensitive personal data (such as racial or ethnic origin, political opinions, religious beliefs, or biometric data) unless explicitly required and permitted by law with your explicit consent.

4. Legal Bases for Processing Personal Data

Your personal data is processed in accordance with the following legal bases:

– Contractual Necessity: To fulfill our obligations to you under a contract—for example, processing your orders.

– Legitimate Interests: For our internal operations, site optimization, fraud prevention, and customer service, provided such interests are not overridden by your rights.

– Consent: Where we rely on your consent—for example, for marketing emails or cookies—you can withdraw consent at any time.

– Legal Obligation: To comply with relevant legal and regulatory requirements.

5. Your Rights

Subject to applicable laws, you have the following rights with respect to your personal data:

– Right of Access: Request a copy of your personal data held by us.

– Right to Rectification: Request corrections to inaccurate or incomplete data.

– Right to Erasure (“Right to Be Forgotten”): Request deletion of your personal data, subject to certain exceptions.

– Right to Restriction of Processing: Request the limitation of processing under specific circumstances.

– Right to Data Portability: Request the transfer of your personal data to another provider or directly to you.

– Right to Object: Object to data processing where we rely on legitimate interest, or for direct marketing purposes.

To exercise your rights, contact us at: [email protected]. We may require verification of identity before processing requests.

6. Security Measures

We implement appropriate technical and organizational safeguards to protect your personal data, including:

– Encryption of data at rest and in transit.

– Access controls with role-based restriction.

– Secure servers and firewall protection.

– Regular security audits and vulnerability assessments.

– Employee training on privacy and data protection responsibilities.

Despite our efforts, no method of transmission over the internet or storage can be guaranteed to be 100% secure.

7. International Data Transfers

If your personal data is transferred outside the European Economic Area (“EEA”), we ensure appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission, are in place. We take steps to ensure all international data transfers comply fully with applicable data protection laws.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected:

– Usage and Technical Data: Up to 24 months.

– Account and Profile Data: For the duration of the account and up to 5 years post-deactivation.

– Transaction Data: Retained for up to 7 years for compliance with tax and contractual obligations.

– Communication Data: Retained for 2 years, or longer if relevant to an ongoing issue or legal matter.

– Preference Data: Maintained while active consent is in place.

Once the applicable retention period expires, data is either securely deleted or anonymized.

9. Cookie Policy

We use cookies and similar technologies to improve your experience on squidninjarecords.com. Cookies are small text files placed on your device and are used for various purposes, including:

– Essential Cookies: Required for core site functionality and security.

– Functional Cookies: Enhance site performance and remember your preferences.

– Analytics Cookies: Help us understand visitor interaction through anonymized data.

– Performance Cookies: Track usage patterns to improve loading times and optimize web performance.

10. Cookie Management and Compliance

Upon your first visit, we display a cookie banner to obtain your consent for non-essential cookies. You may adjust your cookie preferences via the settings provided on our Site or by configuring your browser settings. In accordance with GDPR and CCPA, we respect your rights to opt-out, reject, or modify your cookie preferences at any time.

California residents also have the right under CCPA to opt-out of the “sale” of personal information, which we honor by providing clear opt-out mechanisms.

11. Children’s Privacy

Our services are not directed to individuals under the age of 13, and we do not knowingly collect or process personal data from children under this age. If we become aware that we have inadvertently collected personal data from a child under 13 without parental consent, we will take steps to delete it immediately.

12. Updates to This Policy

We may from time to time update this Privacy Policy to reflect changes in legal requirements or our data practices. Material changes will be communicated through notices on squidninjarecords.com or via direct communication where appropriate. Continued use of the Site constitutes your acknowledgement of the revised Policy.

13. Contact Us

If you have any questions, concerns, or requests related to this Privacy Policy or your personal data, please contact us at:

Email: [email protected]

We are committed to ensuring that your privacy is respected and protected. All data processing activities performed by Squid Ninja Records comply with applicable data protection regulations, including but not limited to the GDPR and CCPA. Please reach out to us with any privacy-related inquiries.