Privacy Policy for Action-Comics.com
1. Introduction
At Action-Comics.com, your privacy is of paramount importance to us. We are committed to maintaining the confidentiality, integrity, and security of your personal data. This Privacy Policy outlines how we collect, use, disclose, and protect your personal information when you visit or interact with our website. We process your personal data in compliance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws, reflecting our commitment to safeguarding your privacy and digital rights.
2. Scope of Policy and Role as Data Controller
This Privacy Policy covers personal data collected through action-comics.com in connection with any interaction you have with our services, whether you are browsing, purchasing, registering with an account, or contacting us. For purposes of applicable data protection law, Action-Comics.com is the “data controller” of your personal data, meaning we determine the purposes and means of processing such data.
3. Categories of Personal Data We Process
We may process the following categories of personal data:
– Usage Data: This includes information about how you use our website, such as your IP address, browser type and version, time zone setting, pages visited, session duration, and clickstream data.
– Account Data: When you create an account, we collect identifying details such as your full name, postal address, email address, and phone number.
– Profile Data: This includes information related to your activities and preferences, including order history, saved items, loyalty program settings, and behavioral analytics around your interactions with the site.
– Communication Data: We collect any information you voluntarily provide when contacting customer service, submitting feedback, or engaging with us through support tickets. This includes your communication content and metadata.
– Technical Data: Includes data about the device you use to access our website, including device type, operating system, hardware identifiers, browser configuration, and network settings.
– Transaction Data: We collect payment details (limited to what is necessary), billing information, delivery addresses, and related transactional information when you make a purchase.
– Preference Data: Includes your selections for marketing communications, product interests, newsletter subscriptions, and in-site personalization preferences.
4. Legal Bases for Processing Personal Data
We rely on the following lawful bases to collect and process your personal data:
– Contractual Necessity: Processing necessary to fulfill a contract with you, including processing of orders and providing account-related services.
– Legitimate Interests: Includes fraud prevention, improving service delivery, enforcing legal claims, and securing our systems. We perform a balancing test to ensure your rights and freedoms are not overridden.
– Consent: Certain uses of your data, such as receiving promotional material or optional cookies, are based on your explicit consent, which you may withdraw at any time.
– Legal Obligation: Where processing is necessary for compliance with regulatory or statutory duties.
5. Your Rights as a Data Subject
Subject to certain limitations, you have the following rights under GDPR and CCPA:
– Right of Access – You may obtain confirmation of whether your personal data is being processed and request a copy.
– Right of Rectification – You may request correction of your personal data if it is inaccurate or incomplete.
– Right to Erasure – You may request deletion of your data, subject to certain exceptions as permitted by law.
– Right to Restriction – You may request that we limit processing of personal data where permitted by law.
– Right to Data Portability – You may receive your personal data in a structured, commonly used format or request that it be transmitted to another controller.
– Right to Object – To the extent that processing is based on legitimate interests, you may object to such processing, including for direct marketing purposes.
To exercise your rights, please contact us at [email protected].
6. Security Measures
Action-Comics.com employs technical and organizational security measures designed to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include, but are not limited to:
– End-to-end encryption of data transmissions
– Multi-factor authentication for administrative access
– Role-based access control and user permissions
– Regular data backups stored securely
– Staff training on data protection and cybersecurity principles
Despite our efforts, no system is completely immune from risks, and we encourage you to take steps to protect your own data online (e.g., using strong passwords and secure networks).
7. International Transfers
Your personal data may be transferred to, stored, or processed by our service providers operating in jurisdictions outside of your region. Where such transfers occur, we ensure appropriate safeguards such as Standard Contractual Clauses approved by the European Commission, adherence to the UK Addendum, or reliance on providers certified under appropriate frameworks. We take reasonable steps to ensure that your data remains protected consistent with applicable law.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes we collected it for, including for legitimate business needs, legal obligations, dispute resolution, and enforcement of our agreements.
– Usage and Technical Data: Retained for up to 12 months after collection for analytics and system administration.
– Account and Profile Data: Retained while your account remains active and up to 7 years after closure to comply with legal and financial obligations.
– Communication Data: Retained for 5 years after the final interaction for documentation and dispute handling.
– Transaction Data: Retained for 7 years post-transaction to comply with accounting and audit requirements.
– Preference Data: Retained until you change or withdraw your preferences.
9. Cookie Policy
Action-Comics.com uses cookies and similar technologies to enhance your browsing experience. Cookies may be categorized as:
– Essential Cookies: Required for the operation of our website and services (e.g., login, cart functionality).
– Functional Cookies: Enable site personalization and remember your preferences.
– Analytics Cookies: Allow us to collect data on website usage, such as pages visited and traffic sources, to improve performance.
– Performance Cookies: Track performance metrics such as load times and responsiveness.
10. Cookie Management and Compliance
You can manage your cookie preferences through the Cookie Settings link on our website. Essential cookies cannot be disabled. For non-essential cookies, you may opt-in or out based on your preferences and can change these settings at any time. We ensure compliance with applicable laws, including GDPR and CCPA, by obtaining explicit consent prior to setting certain cookies and by honoring user choices respecting Do Not Track and Global Privacy Control (GPC) settings in supported browsers.
11. Protection of Children’s Privacy
We do not knowingly collect or solicit personal data from children under the age of 13. If we learn that personal data has been collected from a child without verifiable parental consent, we will take prompt steps to delete such data. Parents or guardians with concerns should contact us at [email protected].
12. Policy Updates
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. Where appropriate, we will notify users of material changes via in-site notice or email. Continued use of action-comics.com after such updates constitutes acceptance of the revised Policy.
13. Contact Us
If you have any questions, concerns, or requests related to this Privacy Policy or your personal data, please reach out to us at [email protected]. We are committed to responding promptly and in accordance with applicable regulatory standards.
We are dedicated to maintaining full compliance with all applicable data protection laws and upholding your trust in our services. For any privacy-related inquiries or to exercise your legal rights, contact us through the information provided above.