Privacy Policy
1. Introduction
At JourneyNano, accessible at https://journeynano.com, we are firmly committed to protecting your personal data and upholding your right to privacy. We recognize the importance of transparency, accountability, and user control in how we collect and handle your information. This Privacy Policy outlines how we collect, use, disclose, and safeguard personal data in compliance with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable data protection laws.
2. Scope and Data Controller
This Privacy Policy governs the processing of personal data collected via journeynano.com and any related digital services or customer engagements. For the purposes of the GDPR, JourneyNano is the data controller. For users residing in California, we act as a “business” as defined under the CCPA. Questions or concerns regarding our practices may be directed to [email protected].
3. Categories of Data We Process
We may process a variety of personal data about you, which we categorize as follows:
– Usage Data: This includes data about your interactions with our website, such as IP address, browser type, session duration, geolocation, and navigation paths.
– Account Data: When you create an account or place an order, we collect your name, email address, billing/shipping address, and phone number.
– Profile Data: Includes details related to your preferences, purchase history, website behavior, and reviews or feedback you provide.
– Communication Data: Includes records of communications made through website forms, live chat, support emails, or other contact channels.
– Technical Data: Information about the type and settings of your device, operating system, system configuration, and software versions used.
– Transaction Data: Includes payment methods, order history, shipping information, and transaction identifiers.
– Preference Data: Captures your consent for marketing communications, newsletter subscriptions, interest preferences, and notification settings.
4. Legal Bases for Processing
We process personal data under the lawful bases enshrined in Article 6 of the GDPR and relevant U.S. privacy law provisions:
– Contractual Necessity: Processing is necessary to fulfill a contract with you, including processing orders or managing your account.
– Legitimate Interests: We may process data to enhance security, develop our services, or prevent fraud, except where overridden by your rights.
– Consent: We rely on your explicit consent to send promotional emails, customize content, or collect data via non-essential cookies.
– Legal Obligation: Where required by law, we may process or retain your data to comply with audit, tax, or reporting requirements.
5. Your Rights
As a user, you have the following rights under applicable data protection laws, including GDPR and CCPA:
– Right of Access: Request a copy of the personal data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete personal data.
– Right to Erasure: Request deletion of your data, subject to legal retention requirements.
– Right to Restriction: Request limitations on how we process certain personal data.
– Data Portability: Request a structured, machine-readable copy of your personal data to transmit elsewhere.
– Right to Object: Object to data processing based on our legitimate interests.
– Right to Opt-Out (CCPA): California residents may request that we do not sell or share their personal data.
– Right to Non-Discrimination: You will not receive discriminatory treatment for exercising your rights.
6. Security Measures
We implement a combination of technical and organizational safeguards to help secure your personal information:
– Encryption of data at rest and in transit
– Role-based access control and multi-factor authentication
– Regular data backups and system integrity audits
– Employee training on privacy and information security best practices
Although we strive to use commercially acceptable means, no system can be guaranteed 100% secure. You are responsible for maintaining the confidentiality of your account credentials.
7. International Data Transfers
We operate globally and may transfer and process your personal data outside your country of residence. Where required, we use Standard Contractual Clauses approved by the European Commission and implement equivalent protections to ensure your data receives a level of protection consistent with EU and U.S. law.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes outlined in this Policy:
– Account Data: Retained while your account remains active
– Transaction Data: Retained for up to 7 years to satisfy tax and accounting obligations
– Communication Data: Retained for up to 3 years or longer if required for dispute resolution
– Usage and Technical Data: Retained for 12–24 months for analytical and performance purposes
– Preference and Profile Data: Retained until consent is withdrawn or otherwise deemed irrelevant
9. Cookie Policy
JourneyNano uses cookies and similar tracking technologies to optimize website performance, enhance user experience, and for analytic and marketing purposes. Cookies may be categorized as:
– Essential Cookies: Necessary for site security and functionality. Without them, the site cannot operate properly.
– Functional Cookies: Enable features such as remembering user preferences.
– Analytics Cookies: Used to compile statistics to understand user behavior on journeynano.com.
– Performance Cookies: Monitor site speed and interaction issues to improve performance.
10. Cookie Management
In accordance with GDPR and CCPA, consent is requested before placing non-essential cookies. Users can manage cookie preferences at any time by accessing the cookie settings banner available on our website or by adjusting their browser settings to block or delete cookies. California users may exercise their “Do Not Sell or Share My Personal Information” rights through the site’s cookie management settings and data request form.
11. Protection of Children’s Data
Our services are not directed toward individuals under the age of 13, and we do not knowingly collect personal data from children. If we become aware that personal information from a child has been collected without parental consent, we will take appropriate steps to delete that data promptly. Parents or guardians who believe their child has submitted personal information may contact us at [email protected].
12. Updates to This Policy
We reserve the right to update this Privacy Policy at our discretion. Material changes will be clearly communicated on journeynano.com or via email if appropriate. Please review the policy periodically to stay informed about how we handle your personal information.
13. Contact Us
If you have any questions, comments, or concerns about this Privacy Policy or our data handling practices, please contact us at:
Email: [email protected]
Website: https://journeynano.com
We are committed to full compliance with applicable data protection regulations and to safeguarding your privacy rights. Please do not hesitate to reach out with any privacy concerns or requests regarding your personal data.