Privacy Policy - Noshoes Club

1. Introduction

At NoShoes Club (“we,” “us,” “our”), available through the website noshoes-club.com (“Site”), we are committed to protecting your privacy and upholding the integrity of your personal data. This Privacy Policy explains how we collect, use, store, and share your personal information, as well as your rights under applicable data protection laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”). We operate on a privacy-first principle and strive to handle your personal data responsibly and transparently.

2. Scope and Data Controller

This Privacy Policy applies to all users and visitors of noshoes-club.com. NoShoes Club is the data controller for the personal data collected through this Site and is responsible for determining the purposes and means of processing such data. If you have any questions regarding this Privacy Policy or the handling of your data, you may contact us at [email protected].

3. Categories of Data Processed

We may collect and process the following types of personal data when you interact with noshoes-club.com:

a. Usage Data: Includes information about how you use our website, such as browser type, IP address, date and time of access, session duration, and pages visited.

b. Account Data: Information provided when creating an account, including your name, billing/shipping address, email address, phone number, and password.

c. Profile Data: Includes your preferences, purchase history, browsing behavior, feedback, and survey responses.

d. Communication Data: Records of email correspondence, contact form submissions, and customer service chat transcripts, including timestamps and responses.

e. Technical Data: Data regarding your device type, operating system, screen resolution, language settings, internet connection, and system configurations.

f. Transaction Data: Information related to purchases, such as payment details (processed via secure third-party gateways), order history, and delivery tracking.

g. Preference Data: Marketing consents, notification preferences, product interest signals, and cookie selections.

4. Legal Bases for Processing

We rely on the following legal bases to collect and process your personal data in accordance with GDPR:

– Consent: Where you have given explicit permission, such as subscribing to newsletters or accepting cookies.
– Contract: When processing is necessary for the performance of a contract with you, such as fulfilling an online order.
– Legal Obligation: To comply with applicable laws and financial regulations.
– Legitimate Interest: For our operational needs (e.g., fraud prevention, user analytics), provided such interests are not overridden by your data protection rights.

Under the CCPA, we do not sell personal information. Any disclosure of personal data to third parties is limited to service providers under stringent security and confidentiality terms.

5. Your Rights

As a data subject under GDPR, or a consumer under CCPA, you have the following rights in relation to your personal information:

– Right of Access: To request access to the personal data we hold about you.
– Right to Rectification: To correct any inaccurate or incomplete data.
– Right to Erasure: To request the deletion of your personal data, subject to certain exclusions.
– Right to Restriction: To restrict our processing where certain conditions apply.
– Right to Data Portability: To request that your data be transferred in a structured, commonly used format.
– Right to Object: To object to processing based on our legitimate interests or direct marketing.
– Non-Discrimination: Under the CCPA, you have the right not to be discriminated against for exercising your privacy rights.

Requests may be submitted to [email protected]. We will respond within the timelines required by law.

6. Security Measures

We take data protection seriously and implement robust technical and organizational measures to secure your information, including but not limited to:

– SSL encryption for data in transit
– Secure storage and encrypted backups
– Access controls and user authentication mechanisms
– Regular staff data protection training
– Intrusion detection and system audits

Despite our efforts, no transmission or storage system is 100% secure. We urge you to also take steps to safeguard your information when using the internet.

7. International Transfers

Personal data may be transferred to and processed in jurisdictions outside the European Economic Area (EEA). In such cases, we implement appropriate safeguards, such as EU Standard Contractual Clauses, and ensure that our vendors comply with the relevant legal requirements to protect your information.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required under applicable laws. Specific retention periods include:

– Account and Transaction Data: 7 years for tax and audit compliance
– Communication Data: 3 years for customer support tracking
– Technical and Usage Data: 2 years for analytics purposes
– Marketing Preferences: Until consent is withdrawn

When the applicable retention period ends, your data will be securely deleted or anonymized.

9. Cookie Policy

noshoes-club.com uses cookies and similar technologies to enhance your browsing experience. Cookies we use fall into the following categories:

– Essential Cookies: Necessary for the functioning of the Site (e.g., session management, user authentication).
– Functional Cookies: Enable personalization based on user preferences.
– Analytics Cookies: Collect usage data to improve functionality and user experience (e.g., Google Analytics).
– Performance Cookies: Help us analyze performance metrics like page load times and interaction rates.

10. Cookie Management and Compliance

Under GDPR and CCPA, we require your consent before placing non-essential cookies on your device. Users may manage cookie preferences via our cookie banner or by adjusting their browser settings. Disabling certain cookies may affect site functionality.

You have the right to opt in or withdraw consent for cookies at any time. We honor “Do Not Track” signals and Global Privacy Control (GPC) settings where supported.

11. Children’s Privacy

Our Site is not intended for children under the age of 13. We do not knowingly collect, solicit, or process personal information from any individual under the age of 13. If we become aware that data has been collected from a child without verifiable parental consent, we will take reasonable steps to delete such information promptly.

12. Policy Updates

We may revise this Privacy Policy from time to time to reflect legal or operational changes. Updates will be posted on noshoes-club.com with appropriate notice where required. We recommend reviewing this policy periodically to remain informed about how we are protecting your personal data.

13. Contact

For any questions, concerns, or requests related to this Privacy Policy or the processing of your personal data, please contact us at:

Email: [email protected]

We are committed to upholding your privacy rights and complying with applicable regulations. If you believe your data has been processed unlawfully or wish to submit a complaint, you also have the right to contact your local data protection authority.

We appreciate your trust in NoShoes Club and your continued use of noshoes-club.com.