Privacy Policy for Double-or-Nothing.com
1. Introduction
At Double-or-Nothing.com (“Company,” “we,” “our,” or “us”), your privacy is of paramount importance. We are firmly committed to safeguarding your personal data and ensuring that your information is handled in a secure, transparent, and legally compliant manner. This Privacy Policy outlines how we collect, use, store, and protect your personal information, as well as your rights under the applicable data protection laws, including the EU General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
2. Scope of This Policy and the Role of the Data Controller
This Privacy Policy applies to all personal data collected through our website, available at double-or-nothing.com, and any related services. We act as the “data controller” in relation to the personal data we collect and process. This means we determine the purposes and means of processing your data. By using our services, you acknowledge that you have read and understood this Privacy Policy.
3. Categories of Data We Process
We may collect and process the following categories of personal data:
a) Usage Data: Includes information such as browser type, IP address, device identifiers, session duration, pages visited, referring URLs, and navigation paths.
b) Account Data: Covers information you provide when registering for an account, such as your name, physical address, email address, and telephone number.
c) Profile Data: Includes your preferences, purchase history, settings, interests, behavioral interactions, and feedback.
d) Communication Data: Consists of any support queries, messages sent via our contact forms, emails exchanged, and customer service interactions.
e) Technical Data: Involves information from your device, including operating system, browser plug-in types, screen resolution, system language, and configuration settings.
f) Transaction Data: Pertains to details of payments made, purchase timestamps, billing addresses, shipping information, and payment card metadata (collected securely through compliant third-party processors).
g) Preference Data: Captures your marketing preferences, notification consents, newsletter subscriptions, opted-in promotions, and expressed product interests.
We do not knowingly collect or process sensitive personal data (e.g., biometric data, health information, or political opinions), unless explicitly required and with prior consent under applicable laws.
4. Legal Bases for Processing
We process your personal data lawfully, fairly, and transparently. The legal bases we rely on include:
– Consent: Where you have explicitly consented to the processing of your data for specific purposes, such as marketing communications.
– Contractual Necessity: When data processing is necessary for the performance of a contract with you or to take pre-contractual steps at your request.
– Legal Obligation: Where processing is necessary to comply with a legal obligation to which we are subject.
– Legitimate Interests: Where processing is carried out for our legitimate interests in maintaining, improving, and securing our platform, provided such interests are not overridden by your rights and freedoms.
5. Your Data Protection Rights
As a data subject, you have the following rights under GDPR and CCPA, depending on your geographic location:
– Right of Access: You may request information about the personal data we hold about you.
– Right to Rectification: You are entitled to request correction of inaccurate or incomplete data.
– Right to Erasure: You may ask us to delete your personal data, subject to legal or contractual retention requirements.
– Right to Restrict Processing: You may request that we suspend the processing of your personal information under certain circumstances.
– Right to Data Portability: You may obtain and reuse your data across services in a machine-readable format.
– Right to Object: You can object to processing based on legitimate interests or direct marketing.
– Right to Withdraw Consent: Where processing is based on your consent, you may withdraw it at any time.
– Rights under CCPA: California residents can request information about data collected, sold, or disclosed, request deletion, and opt out of the sale of personal data.
To exercise any of these rights, please contact us at: [email protected]
6. Security Measures
We implement a range of appropriate technical and organizational security measures designed to protect personal data from unauthorized access, misuse, alteration, or loss. These include, but are not limited to:
– Encryption of data at rest and in transit
– Strict access controls and multi-factor authentication
– Secure server environments and firewalls
– Continuous monitoring and vulnerability assessments
– Regular data backups and robust disaster recovery protocols
– Employee training programs on data privacy and information security
7. International Data Transfers
Where personal data is transferred outside of the European Economic Area (“EEA”) or similar jurisdictions, we take appropriate safeguards to ensure the continued protection of your data. These include the use of Standard Contractual Clauses approved by the European Commission, adherence to relevant adequacy decisions, and the implementation of supplementary protective measures where necessary.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including satisfying legal, regulatory, tax, accounting, or reporting obligations. Specific retention periods include:
– Usage and Technical Data: up to 2 years
– Account and Profile Data: as long as the account is active and up to 6 months after closure
– Communication and Preference Data: 3 years after the last contact
– Transaction Data: retained for a minimum of 7 years to comply with tax laws
After applicable retention periods, your data will be securely deleted or anonymized.
9. Cookie Policy
Our website uses cookies and similar technologies to distinguish you from other users and enhance your experience. We classify cookies into the following categories:
– Essential Cookies: Necessary for the proper functioning of the website and user authentication.
– Functional Cookies: Allow the site to remember preferences and settings.
– Analytical Cookies: Help us understand user behavior through aggregated site usage metrics.
– Performance Cookies: Support load balancing, monitoring, and system optimization.
Some cookies are set by third-party service providers who help us analyze traffic and deliver content. These cookies are subject to their respective privacy policies.
10. Cookie Management and Compliance
In compliance with GDPR and CCPA, you can manage your cookie preferences using the cookie consent banner displayed upon your first visit to double-or-nothing.com. You may also control cookie storage via your browser settings or use industry tools such as the Network Advertising Initiative opt-out tool. We will honor “Do Not Track” browser signals where applicable.
We do not sell personal data for monetary gain. California users may still exercise their right to opt out of any future data sale, as broadly defined by the CCPA, by contacting us directly.
11. Children’s Privacy
We do not knowingly collect, solicit, or process personal data from individuals under the age of 13. Our services are not directed towards children, and if we become aware that a minor has provided us with personal information, such data will be deleted without delay. Parents or guardians who believe their child may have submitted personal data to us should contact us at: [email protected].
12. Policy Updates
We may update this Privacy Policy from time to time to reflect changes in our legal obligations, technologies, or business practices. We encourage you to review this page periodically to stay informed. Where material changes are made, we will endeavor to notify users through appropriate channels, which may include email or prominent notices on our site.
13. Contact Us
If you have any questions, concerns, or wish to exercise your privacy rights, please contact us at:
Email: [email protected]
Website: double-or-nothing.com
We are committed to full compliance with applicable data protection laws and will address all inquiries in a timely and transparent manner.