Privacy Policy
At Nativething (“we,” “us,” “our”), accessible via https://nativething.com, we are committed to safeguarding the privacy and personal data of all users who interact with our website, services, and offerings. We uphold the highest standards of data protection, security, and transparency and are dedicated to compliance with applicable privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
This Privacy Policy describes how we collect, use, disclose, and protect your personal information when you engage with our digital services or otherwise communicate with us. It also outlines your rights as a data subject and how you may exercise them.
1. Scope of Policy and Data Controller Role
This Privacy Policy applies to all information collected through your interactions with our website, nativething.com, including but not limited to account registration, browsing activity, transactions, and other communications or engagements.
For purposes of data protection laws such as the GDPR, Nativething is the Data Controller of your personal data. If you reside in California, we serve as a “business” under the CCPA. You may contact us with any questions or concerns regarding your data at [email protected].
2. Categories of Data Processed
We collect and process various categories of information depending on your use of our website or services:
a. Usage Data
This includes information automatically collected as you navigate our site, such as IP address, browser type, operating system, session duration, visited pages, time stamps, and referring URLs.
b. Account Data
When you register for an account, we may collect your full name, email address, mailing address, phone number, login credentials, and other identifiers.
c. Profile Data
We process information related to your preferences, browsing and purchasing behavior, saved settings, and any customizations applied to your user profile.
d. Communication Data
We maintain records of your correspondence with us, including support requests, messages submitted via contact forms, survey responses, and customer service interactions.
e. Technical Data
We gather technical device identifiers and specifications such as device model, screen resolution, operating system version, internet connection type, and hardware settings.
f. Transaction Data
In connection with purchases, we collect payment method details (processed via secure third-party providers), billing/shipping address, order history, and delivery records.
g. Preference Data
This includes your consent status for marketing communications, product interest indicators, ad preferences, and notification settings.
3. Legal Bases for Processing
We process your personal data under the following lawful bases, as permitted under GDPR Article 6 and equivalent provisions under CCPA:
– Consent: For sending marketing communications, placing non-essential cookies, or processing sensitive data when explicit permission is provided.
– Contractual Necessity: For fulfilling orders, providing customer service, and enabling account services based on terms agreed upon.
– Legal Obligation: For complying with applicable laws and regulatory requirements.
– Legitimate Interests: For improving our services, conducting analytics, securing our systems, and preventing fraud, balanced against your individual rights and interests.
4. Your Rights
Under GDPR (if you are located within the European Economic Area) and under CCPA (if you are a California resident), you may exercise the following rights:
– Right of Access: You have the right to request a copy of the data we hold about you.
– Right to Rectification: You may request correction of inaccurate or incomplete personal information.
– Right to Erasure (“Right to be Forgotten”): You can ask us to erase your personal data, subject to certain legal exceptions.
– Right to Restriction: You have the right to request restriction of processing in particular circumstances.
– Right to Data Portability: You can request that your data be transferred in a structured, machine-readable format to you or another controller.
– Right to Object: You may object to processing based on legitimate interests or for direct marketing purposes.
– Do Not Sell My Information (CCPA): California residents have the right to opt-out of the sale of their personal data.
To exercise any of the above rights, please contact us at [email protected]. We will respond in accordance with applicable law.
5. Security Measures
We implement industry-standard technical and organizational measures to safeguard your personal data, including:
– End-to-end encryption of data in transit and at rest.
– Multi-layered access controls with role-based permissions.
– Secure data backup and redundancy systems.
– Regular audits and penetration testing.
– Privacy and security awareness training for all personnel.
6. International Data Transfers
For users located outside the United States, your data may be transferred to or stored on servers in countries that may not provide the same level of data protection. We ensure compliance via:
– Standard Contractual Clauses approved by the European Commission for processors or controllers outside the EEA.
– Additional safeguards such as data minimization and access restriction in regions with elevated risk profiles.
7. Data Retention
We retain your data only as long as necessary for the purposes outlined in this policy or to comply with legal obligations. Specific retention periods include:
– Account Data: Retained for the duration of the active account and up to 6 years after closure.
– Transaction Data: Stored for up to 7 years in accordance with tax and financial reporting requirements.
– Communication Data: Retained for up to 3 years following your last interaction.
– Analytics and Usage Data: Anonymized after 180 days where possible.
– Marketing Preferences: Stored until you withdraw consent.
8. Cookie Policy
We use cookies and similar tracking technologies for various purposes:
– Essential Cookies: Required to operate core site functions (e.g., login sessions, cart management).
– Functional Cookies: Improve user experience (e.g., remembering preferences).
– Analytics Cookies: Allow us to analyze site usage and optimize performance (e.g., via Google Analytics).
– Performance Cookies: Help enhance speed and responsiveness of the website under different user loads.
9. Cookie Management and Compliance
You may manage cookie preferences at any time through our Cookie Consent Banner or via your browser settings. First-time visitors are presented with granular opt-in choices in accordance with GDPR. California residents may opt out of tracking technologies under the “Do Not Sell or Share My Personal Information” link featured on the site.
Consent logs are securely stored for compliance verification.
10. Children’s Privacy
We do not knowingly collect or solicit personal data from children under the age of 13. If you believe that a child has provided us with their information without appropriate parental consent, please contact us at [email protected]. We will take immediate steps to delete such information.
11. Policy Updates
We may periodically revise this Privacy Policy to reflect changes in legal requirements, best practices, or enhancements to our services. Material changes will be communicated to users via notice on our website or other appropriate communication channels. Continued use of nativething.com following updates constitutes your acceptance of the revised terms.
12. Contact
If you have any questions, concerns, or complaints regarding this Privacy Policy or our data handling practices, you may contact us at:
Email: [email protected]
We take privacy matters seriously and endeavor to respond to all inquiries promptly and in accordance with applicable data protection regulations.
This Privacy Policy is intended to adhere to all relevant data privacy laws, including GDPR and CCPA. For more information or to exercise your rights under these laws, please reach out to us directly at the above email address.