Privacy Policy
1. Introduction
NYC Gifted (“we,” “us,” or “our”) is committed to protecting and respecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal data when you visit and interact with our website, nycgifted.com. We are dedicated to ensuring your personal information is handled in accordance with all applicable privacy laws, particularly the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
By using nycgifted.com, you signify your consent to the practices described in this Privacy Policy. If you do not agree with the practices described herein, please refrain from using our website.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all visitors, users, customers, and others who access nycgifted.com. For the purposes of the GDPR, NYC Gifted is the data controller responsible for your personal data. This means we determine the purposes and means of processing your data.
For any inquiries related to this Privacy Policy or your personal data, you may contact us at: [email protected].
3. Categories of Data We Process
We may collect and process the following categories of personal information:
– Usage Data: Includes information such as browser type and version, IP address, operating system, referral source, time spent on pages, and navigation paths.
– Account Data: Includes registration details such as name, postal address, email address, phone number, and user credentials.
– Profile Data: Includes your preferences, purchase history, activity logs, and behavioral trends.
– Communication Data: Includes contents of emails, support messages, contact form entries, and records of communications exchanged with our support team.
– Technical Data: Includes device type, system configuration, screen resolution, operating system, and mobile network data.
– Transaction Data: Includes payment details (processed via secure third-party platforms), billing and shipping addresses, and order history.
– Preference Data: Includes communication preferences, marketing consent choices, and interests inferred from user behavior and interactions.
4. Legal Bases for Processing Your Personal Data
Under GDPR, we process personal data using the following legal bases:
– Consent: When you provide explicit permission for activities like newsletter subscription or personalized marketing.
– Contractual Necessity: To perform duties related to fulfilling a contract, such as processing an order or responding to an inquiry.
– Legal Obligation: To comply with applicable laws and enforce legal rights.
– Legitimate Interests: For internal business needs, improving our platform, security enhancements, user experience, and fraud prevention, provided these do not override your rights and freedoms.
5. Your Rights
Under GDPR and CCPA, you have the right to:
– Access: Request information about whether and how your personal data is being processed.
– Rectification: Request corrections to inaccurate or incomplete data.
– Erasure: Request deletion of your personal data, subject to legal and operational limitations.
– Restriction: Restrict the processing of your data under certain circumstances.
– Portability: Receive your data in a structured, commonly used format and transmit it to another controller where feasible.
For California residents, you may also request to opt out of the sale of your personal information, even though NYC Gifted does not currently sell personal data for monetary value.
To exercise these rights, please contact us at [email protected]. We may verify your identity before processing your request.
6. Security Measures
We employ robust technical and organizational safeguards to protect your personal data, including:
– Encryption in transit and at rest
– Firewalls and access control protocols
– Regular security assessments and monitoring
– Secure data backups
– Employee training on data protection and security
– Limited access to your personal information based on the need to know
Despite our efforts, no digital transmission or storage system is perfectly secure. Any transmission of personal information is at your own risk.
7. International Data Transfers
Personal data collected via nycgifted.com may be transferred to, stored, and processed in countries outside your jurisdiction. Where applicable, we implement appropriate safeguards such as Standard Contractual Clauses approved by the European Commission or adopt similar legally recognized means, ensuring that your data receives adequate protection as required by GDPR.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal, regulatory, accounting, or reporting obligations. General retention guidelines include:
– Usage & Technical Data: up to 24 months
– Account & Profile Data: for the life of the account + 2 years
– Communication Data: 5 years following last correspondence
– Transaction Data: at least 7 years for financial compliance
– Marketing Preference Data: retained until you withdraw consent
Once data is no longer required, it is securely deleted or anonymized.
9. Cookie Policy
NYC Gifted uses cookies and similar technologies to enhance website functionality, analyze usage patterns, and deliver personalized content. Cookies used include:
– Essential Cookies: Necessary for website functionality and security
– Functional Cookies: Remember preferences to improve user experience
– Analytics Cookies: Track website traffic and usage trends (e.g., Google Analytics)
– Performance Cookies: Monitor site performance and responsiveness
Cookies do not typically identify you individually, but they may be linked to a unique identifier.
10. Cookie Management and Compliance
You have the ability to manage or disable cookies at any time via your browser settings or our on-site cookie consent banner, which adheres to GDPR and CCPA standards. Where required by law, we obtain your explicit consent before placing non-essential cookies. Please note that disabling cookies may limit certain features of nycgifted.com.
11. Children’s Privacy
NYC Gifted provides services intended for general audiences and does not knowingly collect personal information from children under the age of 13 without verifiable parental consent. If you believe that we may have collected information from a child, please contact us immediately at [email protected] to take appropriate action.
12. Policy Updates
We may revise this Privacy Policy periodically in response to changing legal, technical, or business developments. Where updates materially affect your rights or how we use your data, we will notify you through appropriate means, which may include website notices or direct communication, depending on the nature of the change.
We encourage you to review this policy regularly to stay informed about our privacy practices.
13. Contact Us
For questions, concerns, or requests regarding your personal data or this Privacy Policy, please contact us at:
We are committed to ensuring your privacy rights are respected and upheld in accordance with applicable laws, including the GDPR and CCPA. Please do not hesitate to reach out with any data protection inquiries.