Privacy Policy for Paradise Lost 3
At Paradise Lost 3 (“we,” “us,” or “our”), accessible via paradiselost3.com (the “Website”), we recognize the importance of protecting your personal data and respecting your privacy rights. This Privacy Policy outlines our strong commitment to transparency, integrity, and compliance with applicable data protection legislation, including the General Data Protection Regulation (Regulation (EU) 2016/679, “GDPR”) and the California Consumer Privacy Act (“CCPA”). We are devoted to handling your data lawfully, fairly, and in a secure manner.
1. Scope of This Policy and Data Controller Responsibility
This Privacy Policy applies to all personal data collected, processed, or stored by Paradise Lost 3 via the Website or in connection with our services. Paradise Lost 3 is the data controller responsible for processing your personal data as described herein. Should you have inquiries regarding our data handling practices, you may contact us at [email protected].
2. Categories of Personal Data We Process
We process the following categories of personal information, depending on your interaction with the Website:
a. Usage Data
Information about how you use paradiselost3.com, such as your IP address, browser type, device identifiers, access times, pages viewed, and session durations.
b. Account Data
Personal identifiers provided upon account registration or checkout, including your full name, billing and shipping addresses, email address, and contact number.
c. Profile Data
Optional data about your preferences, browsing habits, order history, purchase behavior, and content interaction on our Website.
d. Communication Data
Information provided when you contact us, including support inquiries, email correspondences, chat transcripts, and communication metadata.
e. Technical Data
Details regarding your device, operating system, browser configurations, and system preferences necessary for website optimization and diagnostics.
f. Transaction Data
Payment and billing-related data, order histories, shipping fulfillment details, and financial transactions processed via secure third-party platforms.
g. Preference Data
Information regarding your consent to receive marketing communications, interest in specific products or services, and related advertising preferences.
3. Legal Bases for Processing Personal Data
We rely on the following legal bases under GDPR for processing your personal data:
– Performance of a Contract: When data processing is necessary to fulfill a contractual obligation, such as fulfilling an order.
– Consent: Where required, we obtain your informed and explicit consent—e.g., for marketing communications and cookie preferences.
– Legitimate Interests: For purposes such as website security, fraud prevention, customer service, analytics, and business optimization, provided such interests are not overridden by your fundamental rights.
– Compliance with Legal Obligations: Where we are legally required to retain or disclose certain types of data.
Under CCPA, we ensure transparency about the categories, sources, and purposes of personal data collected and give users the right to opt out of “sales” of personal data, to the extent applicable.
4. Your Data Protection Rights
Subject to applicable law, you have the following rights with respect to your personal data:
– Right of Access: To request a copy of the personal data we hold about you.
– Right of Rectification: To request correction of inaccurate or incomplete data.
– Right to Erasure: To request deletion of your personal data, subject to lawful basis.
– Right to Restriction: To request limitations on processing in certain circumstances.
– Right to Data Portability: To receive a structured copy of your personal data or to have it transferred to another controller upon request.
– Right to Object: To object to certain types of processing, including direct marketing and profiling, based on legitimate interests.
To exercise any of the above rights, please contact us at [email protected]. We may require verification of your identity before fulfilling requests, in accordance with legal requirements.
5. Security Measures
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. Our security infrastructure includes:
– TLS encryption of data in transit
– Role-based access controls and authentication mechanisms
– Regular security audits and backups
– Employee training on cybersecurity and data protection best practices
6. International Transfers of Data
Where we transfer personal data outside of the European Economic Area (“EEA”), such transfers are safeguarded by Standard Contractual Clauses approved by the European Commission or by documenting other adequate measures in accordance with GDPR and regional laws. This ensures that your data receives an equivalent level of protection wherever it is processed.
7. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal obligations. We apply the following general retention periods:
– Account and Transaction Data: Up to 7 years, for compliance with financial and tax requirements.
– Support and Communication Data: Up to 2 years from the date of last interaction.
– Marketing and Preference Data: Until you withdraw consent or opt out.
– Technical and Usage Data: Retained for 26 months, unless required for security or diagnostics.
When no longer necessary, data is securely deleted or anonymized.
8. Cookie Policy
We use cookies and similar technologies on paradiselost3.com to enhance your browsing experience and deliver tailored services. Our cookies are grouped as follows:
– Essential Cookies: Required for website functionality, such as account login and checkout.
– Functional Cookies: Remember your settings and preferences.
– Analytics Cookies: Collect aggregate data on site usage via tools like Google Analytics.
– Performance Cookies: Assess website loading times, responsiveness, and user navigation patterns.
9. Cookie Management and Compliance
In compliance with GDPR and CCPA, you are given control over cookie usage during your first interaction with the Website via a clearly displayed consent banner. You may withdraw or modify your preferences at any time by visiting our cookies settings page or adjusting your browser controls. We do not serve non-essential cookies unless you opt in.
California residents may exercise their CCPA rights to opt out of the sale of personal information via designated tools or by contacting us directly.
10. Children’s Privacy
Paradise Lost 3 does not knowingly collect or process personal data from children under 13 years of age. If you are a parent or guardian and believe that a child has submitted personal data to us, please contact us immediately at [email protected], and we will take steps to delete such information promptly.
11. Policy Updates and Notification
We reserve the right to amend or update this Privacy Policy from time to time to reflect operational, legal, or regulatory changes. Any modifications will be posted on paradiselost3.com, with users being notified via prominent in-site banners or direct communication where appropriate. You are encouraged to review this Policy periodically to stay informed.
12. Contact Information
If you have any questions, concerns, or wish to exercise any data subject rights under applicable laws, please reach us at:
Email: [email protected]
We are committed to full compliance with applicable privacy laws, including GDPR and CCPA. Your rights and data security are paramount, and we welcome your feedback or inquiries regarding our data privacy practices at any time.
—
This Privacy Policy affirms our commitment to data protection and transparency. For questions or concerns regarding your privacy while using paradiselost3.com, please contact us at [email protected].