PRIVACY POLICY
Welcome to muscletrek.com. Your privacy is of paramount importance to us. At MuscleTrek (“we,” “our,” “us”), we are committed to maintaining the trust and confidence of every visitor, customer, and user interacting with our website and services. This Privacy Policy describes how we collect, process, and protect your personal data in accordance with applicable laws, including but not limited to the General Data Protection Regulation (EU) 2016/679 (GDPR) and the California Consumer Privacy Act of 2018 (CCPA).
1. Commitment to Your Privacy and Data Protection
We take your personal privacy seriously and are dedicated to ensuring that all personal information you provide to us is safeguarded with rigorous data protection standards. Our privacy-first approach prioritizes transparency, accountability, and your individual rights.
2. Scope of This Policy and Data Controller Responsibility
This Privacy Policy applies to all users of muscletrek.com and governs the collection and processing of personal data through the website and its associated services.
For the purposes of the GDPR, MuscleTrek is the data controller of your personal data. If you have any questions about how we handle your personal data, you may contact us at [email protected].
3. Categories of Data We Process
We may collect and process the following categories of personal data:
– Usage Data: includes information about how you use muscletrek.com, such as IP addresses, browser types, operating systems, access times, time zones, pages viewed, and session duration.
– Account Data: includes personal information required for creating and maintaining an account such as your full name, email address, billing address, shipping address, and phone number.
– Profile Data: includes user-generated preferences, shopping behavior, past purchases, and activity on the website.
– Communication Data: includes communications sent to and from you, including chat logs, support inquiries, customer service correspondence, and technical feedback.
– Technical Data: includes information about devices used to access our website, such as hardware model, operating system version, unique device identifiers, and mobile network information.
– Transaction Data: includes records of payments made, payment method used, delivery details, transaction dates, and related order information.
– Preference Data: includes user consents for marketing communication, product interest indicators, and browser cookie selections.
4. Legal Bases for Processing Personal Data
We process your personal data only when legally permitted. The legal bases include:
– Contract: Where processing is necessary for the performance of a contract with you, such as when you make a purchase.
– Legitimate Interest: For legitimate business interests, including the operation, improvement, and security of our website, provided such interests are not overridden by your data protection rights.
– Consent: Where you have provided explicit consent (e.g., for receiving marketing emails or using non-essential cookies).
– Legal Obligation: Where processing is required to comply with applicable laws and regulatory obligations.
5. Your Data Protection Rights
Under applicable data protection laws, you may have the following rights concerning your data:
– Right of Access: Request access to the personal data we hold about you.
– Right of Rectification: Request corrections to inaccurate or incomplete data.
– Right to Erasure: Request deletion of your data, subject to our legal obligations.
– Right to Restriction: Request that we limit the processing of your data in certain circumstances.
– Right to Data Portability: Request your data in a machine-readable format and transfer it to another controller.
– Right to Object: Object to processing where we rely on legitimate interests or direct marketing.
– Right to Withdraw Consent: Withdraw previously provided consents at any time.
To exercise your rights, please contact us at [email protected]. We may request verification of identity before fulfilling your request.
6. Security Measures
We employ stringent security protocols to protect your data. These include:
– Encryption of data in transit and at rest.
– Access controls and role-based permissions.
– Regular data backups and audit trails.
– Internal data protection training programs for personnel.
– Secure server infrastructure and firewalls to prevent unauthorized access.
7. International Data Transfers
Where personal data is transferred outside the European Economic Area (EEA) or other regulatory jurisdictions, we ensure that such transfers comply with applicable data protection requirements. This may include the use of:
– Standard Contractual Clauses approved by the European Commission.
– Certifications under recognized frameworks (e.g., EU-U.S. Data Privacy Framework).
– Binding Corporate Rules or other legal safeguards.
8. Data Retention Periods
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected and in accordance with regulatory requirements. The retention logic per data type includes:
– Usage Data: retained for up to 26 months.
– Account Data: retained until account deletion or after 5 years of inactivity.
– Profile and Transaction Data: retained for 7 years for legal and fiscal compliance.
– Communication Data: retained for up to 3 years.
– Preference Data: retained until consent is withdrawn.
After these periods, data is securely deleted or anonymized.
9. Cookie Policy
Our website uses cookies and similar tracking technologies to enhance user experience. Cookies are categorized as:
– Essential Cookies: necessary for the functioning of the website (authentication, security, navigation).
– Functional Cookies: help remember user choices and preferences.
– Analytics Cookies: collect aggregated data on usage patterns to improve the website.
– Performance Cookies: monitor performance metrics such as load times and error reporting.
For more detailed information, please refer to our full Cookie Policy section available on muscletrek.com.
10. Cookie Management and Compliance
We provide users with the ability to manage their cookie preferences in compliance with GDPR and CCPA requirements. You may accept, reject or configure cookie settings through our cookie consent banner. You may also manage cookies through browser-specific settings.
Under CCPA, California residents have the right to opt-out of the sale of their personal information. While we do not currently sell data as defined under CCPA, we honor opt-out requests and offer a dedicated process for handling them via our website interface or by contacting us.
11. Children’s Privacy
Muscletrek.com is not intended for children under the age of 13. We do not knowingly collect or process personal data from children without parental consent. If we become aware that data has been collected from a child under 13, we will take appropriate steps to delete it.
12. Changes to This Privacy Policy
We reserve the right to update this Privacy Policy to reflect changes in our practices, applicable laws, or technical advancements. In the event of material changes, we will notify users by posting the revised policy on muscletrek.com and, where appropriate, by email or through prominent notice on our platform.
13. How to Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, you may contact us by email at:
[email protected]
We are committed to resolving privacy concerns in a timely and transparent manner.
—
MuscleTrek strives to maintain full compliance with applicable data protection laws and to empower our users through transparency and control over their personal information. For any issues or inquiries related to privacy, you are welcome to reach out directly at [email protected].