Privacy Policy
1. Introduction
At DDP For All (ddpforall.com), we are committed to safeguarding the privacy and personal data of our users. We recognize that your privacy is a fundamental right, and we are dedicated to handling your personal data with transparency, accountability, and utmost care. This Privacy Policy outlines how we collect, process, store, and share your personal information, in accordance with the European Union General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable privacy laws.
2. Scope of This Policy and Controller Responsibility
This Privacy Policy applies to all visitors, users, customers, and any other individuals whose personal data DDP For All may process when you access or use our website (ddpforall.com) or communicate with us electronically. DDP For All is the data controller for the purposes of GDPR and is responsible for the collection, use, disclosure, and protection of your personal data. If you are a California resident, our role and obligations as a “business” under the CCPA also apply.
3. Categories of Data We Process
We only collect and process personal data that is relevant for the purposes for which it is collected. The categories of data we may process include:
a. Usage Data
We collect information automatically when you browse our website, such as your IP address, browser type and version, pages visited, referring URL, access time, and other diagnostic data derived from your session behavior.
b. Account Data
If you register an account or make use of a service requiring user authentication, we process identifying data such as your full name, postal address, email address, and telephone number.
c. Profile Data
When you engage further with our services, we may process additional profile data including your preferences, interests, product purchase history, behavioral interactions, and survey responses.
d. Communication Data
We collect and store communication information such as inquiries, emails, forms submitted through the website, customer support requests, and correspondence history.
e. Technical Data
This includes device identifiers, internet service provider (ISP), device type, operating system, language settings, browser plug-ins, and system configuration data.
f. Transaction Data
We process information relating to any purchases or financial transactions made with us, including billing details, payment method (processed securely through third parties), delivery details, and purchase amounts.
g. Preference Data
We store user preferences relating to newsletter subscriptions, marketing consents, communication settings, and product interests.
4. Legal Bases for Processing Personal Data
We only process your personal data where lawful bases exist. Our processing activities are justified under the following legal bases:
– Consent: Where you have provided clear and affirmative consent for us to process your personal data for specific purposes (e.g., marketing communications).
– Contractual Necessity: Where processing is necessary to enter into or perform a contract with you.
– Legal Obligation: Where processing is required to comply with legal or regulatory obligations.
– Legitimate Interests: Where processing is necessary for our legitimate business interests, and such interests are not overridden by your rights and freedoms (e.g., improving our services, fraud detection, security).
5. Your Rights Under Data Protection Law
Subject to data protection laws and exemptions, you may exercise the following rights in relation to your personal data:
– Right of Access – Obtain confirmation of whether we process your data and access to the personal data we hold about you.
– Right to Rectification – Request correction of inaccurate, incomplete, or outdated information.
– Right to Erasure – Request deletion of your data, subject to applicable data retention policies and legal requirements.
– Right to Restrict Processing – Limit the processing of your personal data under certain circumstances.
– Right to Data Portability – Receive your personal data in a structured, commonly used, and machine-readable format for transmission to another controller.
– Right to Object – Object to processing based on your legitimate interests or for direct marketing purposes.
– Right to Withdraw Consent – Withdraw your consent at any time where processing is based on your consent.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures to Protect Your Data
We implement commercially reasonable and industry-standard security controls designed to protect your data from unauthorized access, use, alteration, or disclosure. These include but are not limited to:
– Transmission via secure encryption protocols (TLS/SSL)
– Role-based access controls
– Data minimization and pseudonymization strategies
– Regular security and privacy training for staff
– Continuous monitoring and risk assessment
– Periodic backups and data recovery practices
7. International Data Transfers
Where personal data is transferred from the European Economic Area (EEA), the United Kingdom, or other jurisdictions with data transfer restrictions, we ensure such transfers adhere to applicable laws. This includes the use of approved Standard Contractual Clauses and other legally recognized mechanisms, ensuring adequate protections are in place.
8. Data Retention Policy
We retain personal data for only as long as necessary for the purposes described in this policy:
– Usage Data: 12 months for analytics and operational performance
– Account Data: For the duration of the user relationship and up to 3 years thereafter
– Profile and Preference Data: As long as the account is active or relevant interest is demonstrated
– Communication Data: Retained for 2 years for customer support improvement
– Transaction Data: 7 years for financial and legal compliance
– Cookie Data: As described in our Cookie Policy
Once retention periods expire, data is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar technologies on ddpforall.com to ensure website functionality, improve user experience, and collect usage analytics. The types of cookies include:
– Essential Cookies: Necessary to operate core website functions (e.g., login, account authentication).
– Functional Cookies: Remember user preferences and provide enhanced user experience.
– Analytics Cookies: Help us understand how users interact with our site to enhance content and navigation.
– Performance Cookies: Monitor website performance metrics such as page load times and session frequency.
10. Cookie Management and Regulatory Compliance
In compliance with the GDPR and CCPA, ddpforall.com provides clear choice mechanisms regarding cookies:
– Consent Management Platform: A banner is provided upon first visit allowing you to accept or reject categories of cookies.
– Browser Settings: You may disable or delete cookies through your browser’s settings at any time.
– Do Not Sell: California residents may exercise their right to opt out of the sale of personal information under the CCPA through the Do Not Sell My Personal Information link, where applicable.
11. Children’s Privacy
Our services are not intended for children under the age of 13. We do not knowingly collect or process personal data from children. If we learn that we have inadvertently collected such information, we will take steps to delete it promptly. Parents or legal guardians who become aware of such data collection are encouraged to contact us at [email protected].
12. Policy Updates and User Notifications
We reserve the right to modify this Privacy Policy to reflect changes in law, our data practices, or the features of the site. Any updates will be posted prominently on ddpforall.com. Where material changes affect your rights, we will seek your explicit consent or provide appropriate notice in accordance with applicable legal obligations.
13. Contact Us
For questions, concerns, or requests regarding your personal data or this Privacy Policy, please contact:
DDP For All
Email: [email protected]
We are committed to ensuring full compliance with all applicable privacy laws, including the GDPR and CCPA. If you have any privacy-related concerns, we encourage you to reach out, and we will address your inquiries promptly and transparently.