Privacy Policy
Cyber Super Powers (“we,” “our,” or “us”) is committed to upholding the highest standards of privacy and data protection. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit or interact with our website located at cybersuperpowers.com (“Website”). It also sets out your privacy rights and how you may exercise them under applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
We value the trust you place in us and are committed to transparency, accountability, and user-focused privacy practices.
1. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all personal data collected or processed through cybersuperpowers.com. For the purposes of the GDPR, Cyber Super Powers is the data controller with respect to the processing of your personal data.
For California residents, we operate as a “business” under the CCPA and are responsible for the collection and use of your personal information as described in this Privacy Policy.
2. Categories of Data We Process
In the course of operating our Website, providing services, or interacting with you, we may collect the following categories of personal data:
a. Usage Data
Includes information about how you interact with the Website, such as IP address, browser type, language preferences, referring URL, pages visited, session duration, date and time of access, and diagnostic data.
b. Account Data
Collected when you register or maintain an account with us. This includes your name, billing and shipping address, email address, and telephone number.
c. Profile Data
Includes your preferences, product interests, shopping behavior, past purchases, and interactions on our platform.
d. Communication Data
Encompasses any information you provide in support inquiries, survey responses, email exchanges, or other correspondence with us, including timestamps and communication history.
e. Technical Data
Includes device model, operating system, system and performance data, browser plug-ins, device identifiers, and configuration data derived from your interactions with our services.
f. Transaction Data
Covers details relating to the processing of orders including payment card data (processed securely by our payment providers), order history, subscription details, delivery addresses, and other transaction-related metadata.
g. Preference Data
Includes your communication preferences, marketing consents, product and service interests, and opt-in or opt-out statuses.
3. Legal Bases for Processing
We process personal data based on one or more of the following lawful grounds, depending on the nature of our interactions with you:
– Contract Performance: When processing is necessary to enter into or perform our contractual obligations to you.
– Legitimate Interests: For our legitimate business purposes, such as improving service functionality, preventing fraud, or ensuring network and information security, provided such interests do not override your fundamental rights and freedoms.
– Consent: Where required, we rely on your explicit consent to process your personal data, such as for marketing communications or non-essential cookies.
– Legal Obligation: To comply with legal and regulatory requirements.
4. Your Privacy Rights
Depending on your jurisdiction, you have several important rights over your personal data:
a. Right of Access – You have the right to request information about the personal data we hold about you.
b. Right to Rectification – If your personal data is inaccurate or incomplete, you are entitled to request correction.
c. Right to Erasure – Also referred to as the “right to be forgotten,” you can request deletion of your personal data, subject to certain legal exemptions.
d. Right to Restrict Processing – You may request that we limit the way we use your personal data.
e. Right to Data Portability – In certain circumstances, you are entitled to receive your data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.
To exercise any of these rights or obtain additional information, you may contact us at [email protected]. We will respond to valid requests in accordance with applicable law.
5. Security Measures
We employ industry-standard technical and organizational security measures to protect your personal data. These include:
– Encryption of data in transit and at rest;
– Multi-layered access control systems;
– Regular backups and disaster recovery plans;
– Staff confidentiality agreements and training on information security and data protection.
While no method of transmission over the Internet is completely secure, we endeavor to use commercially acceptable means to protect your personal information.
6. International Data Transfers
Where we transfer personal data outside the European Economic Area (EEA), United Kingdom, or other jurisdictions with differing data protection frameworks, such transfers are made in compliance with applicable legal safeguards, including Standard Contractual Clauses adopted by the European Commission or other lawful mechanisms permitted under the GDPR.
7. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy, including to satisfy any legal, accounting, or reporting requirements. Retention periods vary depending on the category of data:
– Usage & Technical Data: Up to 12 months for analytics and diagnostics.
– Account & Profile Data: Retained while your account is active and for up to 6 years afterward.
– Transaction Data: Retained as required for financial and legal compliance, typically 7 years.
– Communication Data: Retained for up to 3 years following final correspondence.
– Preference Data: Retained until you withdraw your consent or request erasure.
8. Cookie Policy
cybersuperpowers.com uses cookies and similar technologies to enhance user experience, analyze web traffic, and deliver personalized content. These include:
– Essential Cookies: Required for Website functionality, such as account login and shopping cart support.
– Functional Cookies: Enhance usability and remember your preferences.
– Analytics Cookies: Track usage behaviors for statistical analysis via third-party tools.
– Performance Cookies: Optimize Website responsiveness and performance.
No sensitive personal data is stored in cookies.
9. Cookie Management and Compliance
Upon your first visit to cybersuperpowers.com, you are presented with the option to manage your cookie preferences. Where legally required, we seek your explicit consent prior to using non-essential cookies.
You may withdraw your consent at any time through our cookie preferences panel or by modifying your browser settings. Note that rejecting cookies may impact the functionality of our Website. Our practices comply with both the GDPR and CCPA.
10. Children’s Privacy
Our services are not directed to children under the age of 13, and we do not knowingly collect or solicit personal information from them. If you are a parent or guardian and believe that a child under 13 has provided us with personal data, please contact us immediately at [email protected] and we will take steps to delete such information from our records.
11. Policy Updates
We may revise this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or technology. Any changes will be posted on cybersuperpowers.com. We encourage you to review this Privacy Policy periodically to stay informed of your rights and our obligations.
Where required under applicable law, we will notify you of material changes and, if necessary, seek your consent.
12. Contacting Us
If you have questions, concerns, or wish to exercise your privacy rights, please contact us:
Email: [email protected]
We are committed to resolving inquiries or complaints promptly and responsibly.
Compliance Statement
Cyber Super Powers is fully committed to complying with all applicable privacy regulations, including the GDPR and CCPA. We value your trust and encourage you to contact us at [email protected] with any privacy-related concerns or requests.