Privacy Policy
1. Introduction
At Rootex Creative (“we”, “our”, or “us”), accessible via rootexcreative.com (the “Website”), we are deeply committed to safeguarding your privacy and protecting your personal data. We process your information transparently and lawfully, respecting your rights and upholding the highest standards of data protection in accordance with applicable laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act (“CCPA”). This Privacy Policy outlines how we collect, use, share, and protect your personal information, and describes your rights and choices.
2. Scope of This Policy and Our Role
This Privacy Policy applies to all users, visitors, and customers accessing or interacting with the Website. Rootex Creative is the data controller responsible for the processing of your personal information as defined under the GDPR and is also considered a business under the CCPA. By using rootexcreative.com, you acknowledge that you have read and understood the practices described in this Policy.
3. Categories of Personal Data We Process
We collect and process the following categories of data, depending on your interaction with our Website and services:
A. Usage Data
Includes your Internet Protocol (IP) address, browser type, browsing history, pages viewed, session data, timestamps, and referral URLs. This data is collected to improve the performance and security of rootexcreative.com.
B. Account Data
Includes your name, physical address, email address, and phone number. This information is typically collected when you create an account, sign up for services, or submit inquiries.
C. Profile Data
Includes your preferences, language settings, purchase history, and behavioral insights derived from the use of our services.
D. Communication Data
Includes correspondence records, customer support inquiries, messages sent to or from us, and communication history.
E. Technical Data
Includes device identifiers, operating systems, browser configurations, network type, and related diagnostic data.
F. Transaction Data
Includes billing information, order details, payment methods, and shipping or delivery addresses.
G. Preference Data
Includes your preferences regarding marketing communications, product or service interests, and consent records.
4. Legal Bases for Processing Personal Data
We process your personal information only when a legal basis applies under relevant data protection laws:
– Legitimate Interest: To conduct and optimize business operations, maintain security, prevent fraud, and improve Website functionality.
– Performance of a Contract: When data processing is necessary to fulfill a contract with you or to take steps at your request before entering into a contract.
– Legal Obligation: When processing is necessary to comply with applicable laws and regulatory obligations.
– Consent: When you have provided clear permission for us to process your personal data for specific purposes, particularly with respect to marketing communications and non-essential cookies.
5. Your Rights
You have the following rights concerning your personal data:
– Right of Access: To request access to the personal data we hold about you.
– Right to Rectification: To correct or update your personal information where it is inaccurate or incomplete.
– Right to Erasure: To request the deletion of your personal data, subject to legal exceptions.
– Right to Restrict Processing: To request that we temporarily or permanently stop processing all or some of your data.
– Right to Data Portability: To obtain your personal data in a structured, commonly used, machine-readable format and have it transferred to another controller where technically feasible.
– Right to Object: To object, on grounds related to your situation, to our processing of your data where we rely on legitimate interest or carry out profiling.
– Right Not to Be Subject to Automated Decision-Making: We do not engage in decisions based solely on automated processing that have legal or similarly significant effects.
To exercise any of the above rights or lodge a complaint, please contact us at [email protected].
6. Security Measures
We implement rigorous technical and organizational measures to protect your personal data, including:
– Encryption of data in transit and at rest using industry-standard protocols.
– Controlled access systems and role-based user permissions.
– Regular security audits and vulnerability assessments.
– Enforced data minimization and retention policies.
– Staff training on data protection principles and practices.
7. International Data Transfers
If personal data is transferred outside the European Economic Area (EEA) or other jurisdictions with similarly stringent data laws, we ensure that appropriate safeguards are in place, including the use of Standard Contractual Clauses (SCCs) approved by the European Commission, or data transfer mechanisms recognized under the relevant data protection regulations.
8. Data Retention
We retain personal data only as long as necessary to fulfill the purposes outlined in this Privacy Policy or to comply with legal, regulatory, or operational obligations.
– Usage and Technical Data: Retained for a maximum of 12 months.
– Account and Profile Data: Retained for the duration of your relationship with us, plus up to 6 years for legal or contractual obligations.
– Communication Data: Retained for up to 3 years for customer service and dispute resolution.
– Transaction Data: Retained for a minimum of 7 years in accordance with accounting and tax regulations.
– Preference Data: Retained until you withdraw consent or request deletion.
9. Cookie Policy
We use cookies and similar tracking technologies on rootexcreative.com for the following purposes:
– Essential Cookies: Required for Website functionality, authentication, and security.
– Functional Cookies: Enable helpful Website features and remember user preferences.
– Analytics Cookies: Help us understand Website performance and user behavior (e.g., Google Analytics).
– Performance Cookies: Optimize loading speeds and diagnose technical issues.
All non-essential cookies require your prior consent.
10. Cookie Management and Compliance
European Union (GDPR): Prior to setting any non-essential cookies, we obtain explicit consent. You may manage your cookie preferences through the cookie banner present on rootexcreative.com or your browser settings.
California (CCPA): Residents of California may opt out of the sale or sharing of personal information by clicking “Do Not Sell or Share My Personal Information” where available and managing preferences within cookie settings.
11. Children’s Privacy
Our Website is not directed toward individuals under the age of 13. We do not knowingly collect, use, or disclose personal data from children. If you are a parent or legal guardian who believes your child has provided us with personal data, please contact us at [email protected], and we will take appropriate steps to delete such information.
12. Policy Updates and Notifications
We reserve the right to amend this Privacy Policy at any time to reflect changes in our services, applicable laws, or data protection practices. We encourage you to review this policy periodically. Where material changes are made, we will provide additional notice (e.g., via Website banners or direct communication, as appropriate).
13. Contact Us
If you have questions, concerns, or complaints related to this Privacy Policy or our data processing practices, please contact us via email at:
Email: [email protected]
Rootex Creative is fully committed to complying with the GDPR, CCPA, and other applicable data privacy regulations. We take your privacy seriously and invite you to contact us with any privacy-related inquiries or concerns.