Privacy Policy for This is Yello
1. Introduction
At This is Yello (“we,” “us,” or “our”), accessible at thisisyello.com, we are committed to respecting your privacy and protecting your personal data. We take data protection seriously and strive to adhere to the strictest standards of transparency, accountability, and integrity in all matters involving personal data collection and usage. This Privacy Policy outlines how we collect, use, store, and share your information, in accordance with applicable data protection laws such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope of Policy and Role as Data Controller
This Privacy Policy applies to all users and visitors of thisisyello.com, including those who engage with our services through email, our website, and other digital channels. We act as the “data controller” as defined under the GDPR, meaning we determine the purposes and methods of processing personal data made available to us.
3. Categories of Data Processed
We may collect and process the following categories of personal data:
– Usage Data: Includes information about how you use our website such as IP addresses, browser type and version, time zone setting, pages visited, referring URLs, session duration, and interaction data.
– Account Data: Encompasses personally identifiable data such as full name, billing and shipping address, email address, and phone number when you create an account with us.
– Profile Data: Includes information relevant to your preferences, purchase history, browsing behavior, saved items, and customer account settings.
– Communication Data: Consists of customer service requests, recorded communications, live chat transcripts, and email or message history, including inquiries via the [email protected] email.
– Technical Data: Comprises device-specific data like operating system, device type, mobile identifiers, and system configuration details necessary for site optimization.
– Transaction Data: Involves data required to process a purchase, including payment method details (provided securely via third-party payment processors), order history, and shipping information.
– Preference Data: Indicates your consent for marketing communications, product interest tagging, and general preference settings expressed via cookies or account settings.
4. Legal Bases for Processing
We process your personal data under the following lawful bases, as provided by GDPR and corresponding provisions of the CCPA:
– Performance of Contract: Where processing is necessary to fulfill a contract with you (e.g., delivering purchased goods or services).
– Consent: Where you have given clear permission for us to process your data for a specific purpose (e.g., receiving newsletters).
– Legitimate Interests: When processing is necessary for our legitimate business needs, provided such interests are not overridden by your data protection rights (e.g., fraud prevention, customer retention).
– Compliance with Legal Obligations: Where we are under a legal requirement to process your data (e.g., maintaining financial records, enforcing our Terms of Use).
5. Your Rights
Under GDPR and CCPA, depending on your jurisdiction, you may have the following rights in relation to your personal data:
– Access: You can request confirmation of whether your personal data is being processed and obtain a copy.
– Rectification: You have the right to request corrections to inaccurate or incomplete personal data.
– Erasure: Also known as the “right to be forgotten”; you can ask for your data to be deleted where it is no longer necessary for the purposes collected.
– Restriction: You may restrict or limit the processing of your data in certain circumstances.
– Data Portability: You can request a structured, commonly used, machine-readable format of your data for transfer to another service provider.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement robust technical and organizational measures to safeguard your data against unauthorized access, alteration, disclosure, or destruction. These include, but are not limited to:
– End-to-end encryption of data communications and storage;
– Role-based access controls with audit trails;
– Regular backups and secure server environments;
– Ongoing security training for our personnel.
7. International Transfers
If we transfer your personal data outside of the European Economic Area (EEA) or your country of residence, we do so under appropriate safeguards such as the European Commission’s Standard Contractual Clauses or frameworks that ensure equivalent protection under applicable laws.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:
– Usage Data: Up to 24 months
– Account and Profile Data: Retained while your account is active and for up to 5 years following deactivation
– Communication Data: 36 months
– Transaction and Technical Data: 7 years (to comply with financial and tax regulations)
– Preference Data: Until consent is withdrawn
Where retention is no longer necessary, we securely delete or de-identify your information in accordance with industry best practices.
9. Cookie Policy
Cookies are small text files placed on your device when you visit thisisyello.com. We use the following types of cookies:
– Essential Cookies: Necessary for the website to function properly (e.g., session management, security).
– Functional Cookies: Enable enhanced functionality like remembering your preferences or location.
– Analytics Cookies: Track user behavior to help us improve site structure and content (e.g., Google Analytics).
– Performance Cookies: Measure site performance to ensure quality service.
10. Cookie Management & GDPR/CCPA Compliance
You can manage or revoke your cookie preferences at any time via our Cookie Management Interface or directly within your browser settings. For California residents, we honor Do Not Sell My Personal Information requests and provide an opt-out mechanism. EU users may manage consent via a GDPR-compliant banner on our site at first access.
11. Children’s Privacy
We do not knowingly collect or process personal data from children under the age of 13. If you believe that a child has provided us personal data without parental consent, please contact us immediately at [email protected] so we can take appropriate action.
12. Policy Updates and Notifications
We may modify this Privacy Policy to reflect legal, regulatory, or business changes. We will notify users of significant modifications by updating relevant notices on thisisyello.com or sending direct communications where possible. Continued use of the site constitutes your acceptance of such updates.
13. Contact Information
For questions or concerns regarding this Privacy Policy or your personal data rights, please contact us directly at:
Email: [email protected]
Website: https://thisisyello.com
We are committed to maintaining compliance with all applicable data protection regulations. If you have any concerns about your privacy or how we process your personal data, please do not hesitate to reach out to us.