PRIVACY POLICY

PRIVACY POLICY
Last Updated: 2025.04.13
Effective for: 2025.04.13 NiteBond

1. Data Controller  

[NiteBond]  
[support@nitebond.com]  

2. Legal Basis for Processing (GDPR Art. 6 & 9)

We process personal data only when:  
Necessary for contract performance (e.g., order fulfillment)  
With your explicit consent(e.g., marketing emails)  
Required by law (e.g., tax records)  
For legitimate interests(e.g., fraud prevention)  

⚠️ Special Category Data:  
We do not intentionally collect sensitive data under GDPR Article 9 (e.g., health, sexual orientation). If disclosed voluntarily (e.g., in customer service requests), it will be encrypted and minimally processed.  

3. Data We Collect & Purposes

Data Type	Purpose	Legal Basis
Name, shipping address	Order delivery	Contract
Payment details (encrypted)	Transaction processing	Contract
Email address	Order confirmations / marketing (opt-in)	Consent/Legitimate Interest
IP address, device info	Fraud prevention, analytics	Legitimate Interest
Cookies	Website functionality	Consent (non-essential)

 

4. Cookie Policy (ePrivacy Directive)

We use:  
Essential Cookies (e.g., shopping cart) → No consent required
Analytics Cookies(anonymous) → Disabled by default 
Marketing Cookies(e.g., Facebook Pixel) → Requires explicit consent  

Manage Preferences:  
Via Cookie Settings (website footer)  
Through browser settings (may limit functionality)  

5. Data Sharing & International Transfers

Third-Party Recipients:
Payment processors (Stripe, PayPal) → Transaction data only  
Shipping carriers (DHL, UPS) → Delivery details only  
Email marketing tools (Mailchimp) → Only for opted-in users  

International Transfers:
Data may be transferred outside the EU/UK (e.g., Shopify’s US servers) using:  
EU Standard Contractual Clauses (SCCs)
Adequacy decisions (e.g., UK-US Data Bridge)  

6. Data Retention Periods

Data Type	Retention Period
Order records	5 years (tax compliance)
Marketing data	Until unsubscribed
Customer service logs	2 years
Anonymized analytics	14 months

 

7. Your Rights (GDPR Chapter 3) 

You may:  
Access, correct, or delete your data  
Restrict or object to processing  
Withdraw consent (e.g., marketing) → Click "unsubscribe" in emails  
Request data portability → Machine-readable copy  
Lodge a complaint with a supervisory authority  

To exercise rights: Contact [Privacy Email]. We respond within 30 days.  

8. Age Restriction (Adult Products Clause)

By accessing this site, you confirm you are at least 18 years old (or your country’s legal age for adult content).  
We do not knowingly collect data from minors. Suspected cases will be deleted immediately.  

9. Security Measures

SSL/TLS encryption for all data transfers  
Regular security audits
Role-based access control for staff  

10. Policy Updates & Contact

Updates notified via website banner or email  
Archived versions available upon request  
Questions? Email: [support@nitebond.com]