Privacy Policy
1. Introduction
At rafael-castillo.com (“we,” “our,” or “the Website”), we are firmly committed to safeguarding your personal data and respecting your privacy rights. As stewards of our users’ information, we align our data practices with applicable data protection laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”). This Privacy Policy describes how we collect, use, store, and disclose your information, and the rights you have in relation to your personal data.
2. Scope of Policy and Role of Data Controller
This Privacy Policy applies to all personal data collected by or on behalf of rafael-castillo.com, including data collected through your use of the Website and any related services. For the purposes of the GDPR and comparable data protection laws, rafael-castillo.com acts as the data controller responsible for determining the purpose and means of processing personal data. Inquiries related to this Privacy Policy can be directed to [email protected].
3. Categories of Data Processed
We may collect and process the following categories of personal data:
3.1 Usage Data
Data automatically collected during your interaction with the Website, including browser type and version, IP address, referring URLs, session frequency, duration, geographic location, timestamps, and navigation paths.
3.2 Account Data
If you register for an account or submit personal details, we may collect your full name, email address, residential address, phone number, and user credentials.
3.3 Profile Data
Information related to your Website preferences and behaviors, such as language settings, product interests, transaction history, and content consumption patterns.
3.4 Communication Data
Includes information you submit when contacting customer support, filing inquiries, providing feedback, or engaging with us through contact forms or email.
3.5 Technical Data
Comprises information about the device and technology you use to access our services, including device identifiers, operating system, system configuration data, and network information.
3.6 Transaction Data
Data collected from product purchases or service transactions, including payment method, billing information, order history, currency preferences, and shipping details.
3.7 Preference Data
Data reflecting your consent status for marketing communications, notification preferences, and interest in particular products or content types.
4. Legal Bases for Processing
We process your personal data only where we have a valid legal basis, which may include:
– Consent: Where you have explicitly agreed to the specific processing of your data.
– Contractual Necessity: To perform obligations under a contract with you, such as delivering a requested service or processing a purchase.
– Legitimate Interests: Where processing is required for our lawful business operations, provided these interests are not overridden by your rights.
– Legal Obligations: Complying with applicable legal and regulatory requirements.
5. Your Rights as a Data Subject
In line with applicable regulations, you have the following rights over your personal data:
– Right of Access: You may request access to your personal data held by us.
– Right to Rectification: You are entitled to request corrections to inaccurate or incomplete data.
– Right to Erasure (“Right to be Forgotten”): You may ask us to delete your personal data under certain conditions.
– Right to Restriction of Processing: You have the right to request limited processing of your data.
– Right to Data Portability: You can request a copy of your data in a structured, commonly used, and machine-readable format to transfer to another provider.
– Right to Object: You may object to specific types of processing, including marketing and profiling.
– Right to Withdraw Consent: Where processing is based on prior consent, you may withdraw such consent at any time without affecting the lawfulness of processing conducted prior to the withdrawal.
To exercise your rights, submit your request to [email protected]. We may request additional identity verification.
6. Security Measures
Protecting your data is a paramount concern. We implement a range of technical and organizational measures, including:
– Encryption protocols for data transmission and storage
– Role-based access controls to restrict internal data access
– Daily system backups and disaster recovery policies
– Security training for personnel
– Regular audits and vulnerability scanning
Although no internet transmission is completely secure, we uphold industry standards to minimize risk.
7. International Data Transfers
Your personal data may be transferred and maintained on servers located outside of your jurisdiction. Where applicable, we rely on standard contractual clauses or other legally acceptable mechanisms to ensure adequate data protection during international transfers, in compliance with GDPR, CCPA, and other regional laws.
8. Data Retention
We retain personal data only for as long as needed to fulfill the purposes for which it was collected, including legal, accounting, or reporting obligations:
– Usage Data: up to 12 months
– Account and Profile Data: retained while the account remains active, and up to 3 years post-deactivation
– Transaction Data: retained for up to 7 years for financial compliance
– Communication Data: retained for up to 2 years after final interaction
– Preference Data: reviewed and refreshed at least once every 12 months
Upon expiration of the retention period or valid deletion requests, the data is securely erased or anonymized.
9. Cookie Policy
Our Website uses cookies and similar tracking technologies to enhance user experience and analyze performance. Categories of cookies include:
– Essential Cookies: Required for Website functionality and security
– Functional Cookies: Store preferences to personalize user experience
– Analytics Cookies: Collect usage metrics to evaluate Website performance
– Performance Cookies: Optimize loading times and system responsiveness
We do not deploy tracking cookies without your consent where required.
10. Cookie Management and Legal Compliance
Upon visiting rafael-castillo.com, users are informed of cookie usage and presented with the ability to manage preferences or opt out via a cookie consent banner. You may adjust cookie preferences at any time through browser settings or on-site cookie settings. Our use and storage of cookies complies with the GDPR, CCPA, and other relevant privacy frameworks.
11. Children’s Privacy
Our services are not intended for use by individuals under the age of 13. We do not knowingly collect or solicit personal data from children. If we discover that we hold information about a child without verified parental consent, we will promptly delete the data. Parents or guardians who become aware of unauthorized data collection may contact us at [email protected].
12. Policy Updates
We may update this Privacy Policy to reflect changes in our data practices or in response to regulatory changes. Material changes that affect how we use your personal data will be communicated through a notice on the Website or through direct communication channels. We encourage you to periodically review this Privacy Policy to remain informed.
13. Contact
For questions, concerns, or to exercise your privacy rights, please contact us at:
Email: [email protected]
Website: https://rafael-castillo.com
We are committed to upholding the highest standards of transparency and accountability in our data practices. Please reach out if you have any questions or require further clarification concerning our privacy commitments.