Privacy Policy

1. Introduction

At nowhay.com, we are committed to safeguarding your privacy and ensuring the security of your personal data. We recognize the importance of protecting personal information and are dedicated to handling your data with transparency, accountability, and in full compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, use, disclose, and protect your personal data when you interact with nowhay.com.

2. Scope of Policy and Role as Data Controller

This Privacy Policy applies to all visitors, registered users, and others who access or use the services provided through nowhay.com. nowhay.com acts as the “data controller” with respect to the personal data collected and processed through this website, which means we determine the purposes and means of processing your personal information.

3. Categories of Personal Data We Process

We collect and process the following categories of personal data:

– Usage Data: Includes information about how you use our website, including your browser type, IP address, pages visited, timestamps, and session duration.

– Account Data: Includes identifiers such as your name, email address, mailing address, and phone number when you register an account with us or place an order.

– Profile Data: Includes information about your preferences, purchase history, user behavior, and settings you configure on the site.

– Communication Data: Includes records of your communications with us, such as support inquiries, contact forms, messages, and any correspondence.

– Technical Data: Includes information about the device and systems you use to access nowhay.com, such as device identifiers, operating system, screen resolution, and browser configurations.

– Transaction Data: Includes payment and billing information, delivery addresses, transaction history, and related financial data necessary to process any orders or returns.

– Preference Data: Includes marketing preferences, product interests, and any consents or opt-in decisions provided by you, such as subscription to newsletters or promotional materials.

4. Legal Bases for Processing Personal Data

We rely on the following lawful bases to process your personal data in accordance with GDPR and applicable data privacy regulations:

– Consent: When you provide explicit consent for us to process your personal data for specific purposes, such as subscribing to marketing communications or accepting cookies.

– Contractual Necessity: When the processing of your data is necessary to fulfil a contract with you, such as order fulfillment or customer support.

– Legal Obligation: When we are required to process your data to comply with applicable legal obligations.

– Legitimate Interests: When the processing is necessary for our legitimate interests and does not override your rights and freedoms—this may include improving our services, securing the platform, and performing analytics.

5. Your Data Protection Rights

In accordance with GDPR and CCPA, you have the following rights:

– Right of Access: Request access to the personal data we hold about you.

– Right to Rectification: Request correction of inaccurate or incomplete personal data.

– Right to Erasure: Request deletion of your personal data, subject to legal and operational limitations.

– Right to Restrict Processing: Request limitations on the processing of your personal data under certain conditions.

– Right to Data Portability: Request transfer of your data to another service provider where processing is based on consent or contract.

– Right to Object: Object to processing where we rely on legitimate interest or direct marketing purposes.

To exercise your rights, please contact us at [email protected]. We respond to all requests in accordance with applicable laws.

6. Security Measures

We implement appropriate technical and organizational safeguards to protect your personal data from unauthorized access, disclosure, alteration, or destruction. These include:

– Data encryption during transmission and at rest.

– Role-based access control for internal staff.

– Secure storage mechanisms and regular backups.

– Staff training on data protection awareness and incident response.

– Regular review and testing of our security infrastructure.

7. International Data Transfers

Your personal data may be processed outside the jurisdiction in which it was collected, including transfers to countries that may not have equivalent data protection laws. In such instances, we ensure appropriate safeguards are in place, such as the use of Standard Contractual Clauses (SCCs) approved under GDPR, and other mechanisms recognized under CCPA and international frameworks to maintain data protection standards.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. Data categories are retained as follows:

– Usage Data: Retained for up to 12 months for analytics and operational improvement.

– Account and Profile Data: Retained for the duration of your account and up to 6 years thereafter for business and legal purposes.

– Transaction Data: Retained for up to 7 years in accordance with tax and financial reporting obligations.

– Communication Data: Retained for up to 3 years to support service history and legal defenses.

– Preference Data: Retained until you withdraw your consent or alter your preferences.

9. Cookie Policy

nowhay.com uses cookies and similar technologies to enhance user experience and optimize performance. Cookies used include:

– Essential Cookies: Necessary for the functioning of the website, including session management, navigation, and security.

– Functional Cookies: Enable enhanced functionality and personalization, such as remembering preferences or language settings.

– Analytics Cookies: Help us understand how users interact with the site, enabling us to improve performance and usability. These may be placed by us or third-party service providers.

– Performance Cookies: Measure the effectiveness of our services, campaigns, and site performance.

10. Cookie Management and Compliance

Upon your first visit, nowhay.com will prompt you to manage your cookie preferences through a consent banner in accordance with GDPR and CCPA requirements. You may modify your preferences at any time by adjusting cookie settings through our website interface or your browser.

Under CCPA, you have the right to opt out of the sale of personal information. nowhay.com does not sell your personal data for monetary gain or similar consideration. If applicable, we provide mechanisms to manage your data processing choices in our cookie consent tool and privacy settings.

11. Children’s Privacy

Our services are not directed toward children under the age of 13, and we do not knowingly collect personal data from individuals under this age. If you are a parent or guardian and believe your child may have provided us with personal data, please contact us at [email protected] so that we may take appropriate steps to delete such information.

12. Policy Updates and Notifications

nowhay.com reserves the right to amend this Privacy Policy at any time to reflect changes in legal, technical, or business developments. When such changes occur, we will notify users through appropriate means, which may include on-site banners, email notifications (where appropriate), or update notices within the website.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact our Data Protection Office via:

Email: [email protected]

We are committed to full compliance with applicable privacy regulations and to providing clear information about how your data is handled. Your trust and privacy are paramount to us.