Privacy Policy
At Malv Online (“we,” “us,” or “our”), accessible via malvonline.com, we are committed to safeguarding your personal data and upholding your privacy rights. This Privacy Policy outlines how we collect, use, disclose, and protect your personal information in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Our practices are guided by the core principle of privacy-first data stewardship.
1. Introduction
We respect your privacy and are dedicated to protecting your personal data. This Privacy Policy aims to provide you with comprehensive and transparent information on how we handle your personal information whenever you interact with our website or services. Your trust is critical to us, and we implement industry-standard security and data governance policies to ensure the confidentiality and integrity of your data.
2. Scope of Policy and Role of Data Controller
This Privacy Policy applies to personal data collected through malvonline.com. For the purposes of data protection laws, we act as the “data controller,” meaning we determine the purposes and means of the processing of your personal data.
This Policy applies to users, visitors, customers, and subscribers who use or access our website and related services.
3. Categories of Data We Process
We collect and process various categories of personal data depending on your interactions with us:
– Usage Data: Includes information about how you use malvonline.com, such as browser type, operating system, IP address, geolocation, device identifiers, session duration, and page interaction data.
– Account Data: Includes your name, billing and shipping addresses, email address, and phone number when you create or manage your account.
– Profile Data: Includes information such as your purchased products, saved preferences, previous orders, browsing behavior, and user profile settings.
– Communication Data: Includes records of communications with us, such as support queries, contact form submissions, and email interactions.
– Technical Data: Includes device data such as device model, operating system settings, network information, time zone setting, and system configuration files.
– Transaction Data: Includes payment method details (processed by third-party providers), purchase history, order reference numbers, delivery details, and transaction timestamps.
– Preference Data: Includes your marketing preferences, newsletter subscriptions, product interest data, and cookie consent choices.
4. Legal Bases for Processing
Under the GDPR, we rely on the following legal bases to process your personal data:
– Consent: When you voluntarily provide information and give explicit consent (e.g., signing up for newsletters or accepting marketing cookies).
– Contractual Necessity: When processing is required to fulfill a contract or take steps before entering into a contract (e.g., account creation, order fulfillment).
– Legal Obligation: When necessary to comply with legal requirements (e.g., accounting, fraud prevention, or tax reporting).
– Legitimate Interests: For operational purposes such as website analytics, service improvements, fraud detection, and internal record-keeping, provided such interests are not overridden by your fundamental rights and freedoms.
5. Your Rights Under GDPR and CCPA
As a data subject, you have specific rights regarding your personal data, which we uphold:
– Right of Access: You have the right to request access to the personal information we hold about you.
– Right to Rectification: You may request corrections to inaccurate or incomplete data.
– Right to Erasure (“Right to Be Forgotten”): You may ask us to delete your data, subject to applicable legal exceptions.
– Right to Restrict Processing: You may request the restriction of your data processing under certain circumstances.
– Right to Data Portability: You can request a copy of your data in a structured, machine-readable format.
– Right to Object: You can object to certain types of processing, including direct marketing.
– Right Not to Be Discriminated Against (under CCPA): You will not be denied services or receive different treatment for exercising your privacy rights.
To exercise any of your rights, please contact us at: [email protected]
6. Security Measures
We implement appropriate technical and organizational safeguards to ensure the security, confidentiality, and integrity of personal data, including:
– Data encryption in transit and at rest
– Secure access controls and authentication protocols
– Regular system security audits and vulnerability scans
– Employee data protection training and restricted data access
– Frequent data backup schedules
7. International Data Transfers
Your data may be transferred and processed outside your country of residence, including to jurisdictions that may not provide the same level of data protection. Where such transfers occur, we implement Standard Contractual Clauses or rely on other lawful transfer mechanisms recognized under GDPR and ensure compliance with applicable regional-specific obligations under laws such as the CCPA.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for legal, accounting, or reporting purposes. Specific retention periods are as follows:
– Account and Profile Data: Maintained while you maintain an account with us, and for up to 6 years thereafter for legal protection.
– Transaction Data: Retained for a minimum of 7 years in line with financial and tax regulations.
– Usage and Technical Data: Held for 26 months unless an extended period is required for security analysis or technical evaluations.
– Communication and Preference Data: Retained for up to 3 years from your last interaction or communication unless you request earlier deletion.
9. Cookie Policy
We use cookies and similar technologies to enhance user experience, collect analytics, and personalize advertisements. The following categories of cookies are implemented on malvonline.com:
– Essential Cookies: Necessary for the functioning of the website, including user authentication and load balancing.
– Functional Cookies: Improve usability by remembering preferences, such as language settings.
– Analytics Cookies: Collect anonymous data for understanding user interactions and optimizing content performance.
– Performance/Advertising Cookies: Help us deliver relevant advertising and measure effectiveness.
10. Cookie Management and Compliance
You may manage your cookie preferences via our cookie consent banner upon first visit to malvonline.com, or by adjusting browser settings at any time. You can opt-out of certain cookies without affecting core site functionality.
We honor “Do Not Track” signals and provide CCPA-compliant options for California residents to opt-out of data selling and non-essential tracking.
11. Children’s Privacy
We do not knowingly collect or solicit personal data from children under the age of 13. If you are a parent or guardian and believe your child has provided us with their information, please contact us at [email protected]. We will take appropriate steps to delete such data promptly in accordance with applicable laws.
12. Updates to This Policy
We reserve the right to modify or update this Privacy Policy at our discretion. Should material changes occur, we will notify users through appropriate channels, including postings on malvonline.com and email communications where applicable. We encourage you to periodically review this Policy to remain informed on how we protect your personal data.
13. Contact Us
If you have any questions, concerns, or requests concerning your personal data or this Privacy Policy, please contact us at:
Email: [email protected]
Website: https://www.malvonline.com
We are fully committed to complying with all applicable data protection regulations including the GDPR and CCPA, and to ensuring that your privacy rights and information are respected at all times. We welcome your inquiries and will respond to any privacy concerns in a timely and transparent manner.