Privacy Policy for Ohju Club
1. Introduction
At Ohju Club, accessible via ohjuclub.com, we are committed to protecting your personal data and upholding your privacy rights. This Privacy Policy outlines how we collect, use, store, and protect your information in accordance with applicable privacy laws, including the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA). We advocate for transparency and adopt a privacy-first approach to all aspects of our data handling practices.
2. Scope of This Policy and Role of the Data Controller
This Privacy Policy applies to all users who access and interact with ohjuclub.com, including those who register an account, make purchases, contact customer service, or utilize any service or feature on the website. Ohju Club acts as the “Data Controller” for all personal data collected and processed through the platform.
3. Categories of Personal Data Processed
We collect and process the following categories of personal data as necessary to provide you with our services, ensure security, enhance user experience, and fulfill legal obligations:
a. Usage Data
Includes data about your interactions with our website, such as IP address, browser type and version, pages visited, time spent on pages, referring URLs, time zone settings, and other diagnostic data.
b. Account Data
Includes information provided upon registration or account setup, such as full name, billing and shipping addresses, email address, and telephone number.
c. Profile Data
Includes your preferences, purchasing history, browsing behavior, wishlists, reviews, and other customized content and activity on ohjuclub.com.
d. Communication Data
Includes any information you share with us through support inquiries, feedback submissions, chat services, or email correspondence, including the content and metadata of those exchanges.
e. Technical Data
Includes device information, hardware and software identifiers, operating system type and version, IP addresses, mobile carrier, system configuration, and similar information used for diagnostic and analytic purposes.
f. Transaction Data
Includes purchase details, payment information (excluding full credit card numbers, which are securely processed by our third-party payment providers), delivery preferences, and transaction history.
g. Preference Data
Includes your marketing and communication preferences, product categories of interest, and consent records related to direct marketing and promotional communications.
4. Legal Bases for Processing Personal Data
Our processing of your personal data relies on one or more of the following lawful bases, as permitted under data protection laws:
– Consent: Where you have explicitly granted consent for specific processing activities, such as receiving promotional emails.
– Contract: When processing is necessary to fulfill a contract with you, such as processing and delivering an online order.
– Legal Obligation: Where processing is required to comply with a legal obligation, such as tax or record-keeping requirements.
– Legitimate Interest: When there is a legitimate business interest that does not override your rights and freedoms—for example, improving our website’s security or personalizing user experience.
5. Your Data Protection Rights
Under GDPR and CCPA, you have several important rights concerning your personal data. These include:
– Right of Access: You have the right to request access to your personal data held by us.
– Right to Rectification: You may request corrections to any inaccurate or incomplete data we hold about you.
– Right to Erasure: Also known as the “right to be forgotten,” you can request deletion of your data under certain circumstances.
– Right to Restrict Processing: You may ask us to limit how we process your data in specific situations.
– Right to Data Portability: You can request a copy of your data in a structured, commonly used, and machine-readable format.
– Right to Object: You have the right to object to certain types of processing, including direct marketing.
To exercise your data rights, please contact us at [email protected].
6. Security Measures
We prioritize the confidentiality, integrity, and availability of your personal data. Our security practices include:
– End-to-end encryption during data transmission
– Secure storage systems with access controls
– Routine security audits and vulnerability assessments
– Regular data backups stored in secure environments
– Employee training on cybersecurity and data protection principles
7. International Data Transfers
When personal data is transferred outside the European Economic Area (EEA) or California, we ensure it is safeguarded using approved legal mechanisms, including:
– Standard Contractual Clauses (SCCs) approved by the European Commission
– Binding corporate rules or certification mechanisms
– Adequate country determinations under GDPR
We keep records of all cross-border data processing activities and ensure compliance with applicable privacy laws in each jurisdiction.
8. Data Retention
We retain personal data only as long as necessary to fulfill the purposes for which it was collected, including legal, regulatory, tax, accounting, or reporting requirements. Retention periods vary by data category:
– Usage and Technical Data: up to 12 months
– Account and Profile Data: retained while active, and up to 5 years post-deactivation
– Communication Data: 3 years from date of last contact
– Transaction Data: retained for 7 years for compliance with financial regulations
– Preference and Marketing Data: retained until consent is withdrawn or after 2 years of inactivity
9. Cookie Policy
ohjuclub.com uses cookies and similar tracking technologies to enhance website functionality, understand user behavior, and personalize content. These may include:
– Essential Cookies: Necessary for website functionality and account authentication.
– Functional Cookies: Enable enhanced features such as remembering language preferences.
– Analytics Cookies: Collect aggregated usage statistics to improve user experience.
– Performance Cookies: Monitor website performance and assist in bug fixes.
10. Cookie Management and Compliance
In compliance with GDPR and CCPA, we obtain user consent prior to placing non-essential cookies on your device. Users may opt in or out of cookie categories through the cookie consent banner or manage preferences through their browser settings. We honor CCPA opt-out requests for “selling” or “sharing” of personal information and provide mechanisms for managing Do Not Sell My Personal Information requests on our website.
11. Children’s Privacy
ohjuclub.com is not intended for use by children under the age of 13. We do not knowingly collect or process personal data of minors without verifiable parental consent. If we learn that we have improperly collected personal data from a child under 13, we will take steps to delete the information as quickly as possible.
12. Policy Updates and Notifications
We reserve the right to update this Privacy Policy in response to changing legal, regulatory, or operational requirements. Users will be notified of material changes through appropriate channels, which may include on-site notifications, email updates (where consented), or other reasonable measures. Continued use of ohjuclub.com constitutes acceptance of the revised policy.
13. Contact Us
For questions about this Privacy Policy, your rights, or our data practices, please contact us at:
Email: [email protected]
Website: https://ohjuclub.com
We are committed to resolving your privacy concerns fairly and promptly.
—
Ohju Club affirms its compliance with GDPR, CCPA, and broader privacy standards. Please reach out to us at the email provided above if you have any privacy-related questions or requests.