Privacy Policy for rafael-castillo.com
Rafael Castillo, accessible via rafael-castillo.com, is committed to maintaining the highest standards of data privacy and information security. This Privacy Policy outlines how we collect, use, store, and safeguard personal data in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). By using our website and services, you agree to the terms outlined herein.
1. Commitment to Privacy and Data Protection
At rafael-castillo.com, we respect the rights and freedoms of all individuals and place the utmost importance on protecting personal data. We adhere to the principles of lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality as enshrined in global data protection frameworks.
2. Scope of this Policy and Role of the Data Controller
This Privacy Policy applies to all visitors, users, and customers who access and interact with our website, services, communications, and systems. Rafael Castillo is the “data controller” for the purposes of GDPR and determines the purposes and means of processing your personal data. For any questions or data-related requests, you may contact us at [email protected].
3. Categories of Data Processed
We may collect and process the following categories of data, depending on your interactions with our site and services:
a. Usage Data
Includes information about your browser type, operating system, IP address, geographical location, timestamps, and pages visited. This data helps us optimize user experience and maintain system integrity.
b. Account Data
When you create an account or transact on rafael-castillo.com, we may collect your full name, mailing address, email address, and telephone number.
c. Profile Data
Includes your preferences, behavioral data, interaction history, and purchase records that help us customize content, product offerings, and services to your needs.
d. Communication Data
Pertains to records of your interactions with us, including support queries, messages, emails, form submissions, and related correspondence.
e. Technical Data
Refers to device identifiers, network settings, system configurations, and diagnostic data necessary for secure and stable operation of the website.
f. Transaction Data
Encompasses payment details (excluding full card numbers), billing information, method of payment, order history, and fulfillment data relevant to shipped goods or services.
g. Preference Data
Includes your marketing and communication preferences, product interests, opt-in or opt-out statuses, and consent records associated with promotional messaging.
4. Legal Bases for Processing Personal Data
We process personal data lawfully using one or more of the following legal bases:
– Consent: When you have explicitly permitted us to process your data, e.g., marketing subscriptions.
– Contract: Where processing is necessary for executing a contract or providing you with requested services.
– Legal Obligation: When required by applicable law to retain, disclose, or process certain information.
– Legitimate Interests: Where processing supports operational integrity, customer service, analytics, marketing, or fraud prevention, and these interests do not override your rights and freedoms.
5. Your Rights Under GDPR and CCPA
As a user, you are entitled to exercise the following rights, subject to applicable law and identity verification:
– Right of Access: You may request information about how your data is used and obtain a copy of your personal data.
– Right to Rectification: You may request that any inaccurate or incomplete personal data be corrected.
– Right to Erasure: Also known as the “right to be forgotten,” you may request deletion of your data when no longer necessary for the stated purpose.
– Right to Restriction: You may request that we limit processing of your personal data under certain conditions.
– Right to Data Portability: You may request to receive your personal data in a structured, commonly used, and machine-readable format and have it transferred to another controller where technically feasible.
– Right to Object: You may object to processing based on our legitimate interests or direct marketing.
California residents may also have the right not to be discriminated against for exercising CCPA rights and to request disclosures about the types and sources of data we have collected or shared with third parties.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement appropriate technical and organizational measures to safeguard personal data. These include industry-standard encryption protocols, secure server infrastructure, access control policies, regular cybersecurity training for staff, multi-factor authentication, and periodic security audits. Data access is limited strictly to authorized personnel with a legitimate need to know.
7. International Data Transfers
When data is transferred outside the European Economic Area (EEA) or other jurisdictions with strict data regulations, we ensure such transfers are protected by appropriate safeguards including European Commission-approved Standard Contractual Clauses, adequacy decisions, or other legally recognized mechanisms.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected. Retention periods include:
– Usage and Technical Data: up to 12 months for analytics and debugging
– Account and Profile Data: retained while your account is active and up to 5 years thereafter
– Transaction Data: retained for a minimum of 7 years to meet financial recordkeeping obligations
– Communication Data: retained for up to 3 years post-resolution
– Preference Data: retained in accordance with your consent or until withdrawal
Upon the lapse of such periods, data is securely anonymized or deleted unless required for legal compliance.
9. Cookie Policy
Cookies are small data files placed on your device when you visit rafael-castillo.com. We use the following types:
– Essential Cookies: Necessary for website navigation and basic features.
– Functional Cookies: Facilitate enhancements such as language preference and saved user sessions.
– Analytics Cookies: Help us understand site usage and performance through anonymized data.
– Performance Cookies: Optimize load times and responsiveness by tracking system behavior.
10. Cookie Management and Compliance
You have the right to manage your cookie preferences. Upon visiting our site, a cookie banner enables you to accept or reject non-essential cookies in compliance with GDPR and CCPA. Most browsers also allow you to control cookies through browser settings. Disabling cookies may affect certain functionalities but will not prevent general site access.
11. Children’s Privacy
rafael-castillo.com does not knowingly collect or process data from children under the age of 13. In accordance with the Children’s Online Privacy Protection Act (COPPA) and other applicable laws, if we learn that information was collected from a child without verified parental consent, we will erase such information promptly. If you believe we may have inadvertently collected such data, please contact us at [email protected].
12. Policy Updates and User Notification
We reserve the right to amend this Privacy Policy from time to time. Users will be notified of significant changes through on-site notifications, banners, or email communication where applicable. Continued use of the site following updates constitutes acceptance of the revised terms.
13. Contact Information
If you have any questions, requests, or concerns relating to this Privacy Policy or your personal data, please contact us at:
We are committed to compliance with all applicable privacy laws and will respond promptly and transparently to all credible inquiries and requests concerning your data rights and protections.