Privacy Policy
Mydittolife.com (“we,” “us,” or “our”) is committed to respecting and protecting your privacy. We are dedicated to safeguarding the personal information of our users and ensuring transparency about how data is processed in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
By accessing or using mydittolife.com (the “Site”), you agree to the practices described in this Privacy Policy. If you do not agree with this policy, please do not use our services.
1. Scope of This Policy & Our Role as Data Controller
This Privacy Policy applies to your use of our website at mydittolife.com and any related services, regardless of how you access them. As the data controller, My DITTO Life determines the purposes and means of processing your personal data.
2. Categories of Data We Process
We may collect and process the following categories of personal data:
a. Usage Data
Information about your interactions with mydittolife.com, including browser type, IP address, location data, referring URLs, session duration, and activity metrics.
b. Account Data
Information provided when creating an account, such as full name, email address, phone number, postal address, and password credentials.
c. Profile Data
Data related to your preferences, purchase history, browsing behavior, and custom settings on mydittolife.com.
d. Communication Data
Records of support inquiries, messages sent to us, responses from our team, and communication preferences.
e. Technical Data
Details about your device (e.g., type, operating system, system language), browser configurations, and diagnostic information.
f. Transaction Data
Order details, billing/shipping addresses, payment identifiers (note: we do not store card details), fulfillment records, and related logistics data.
g. Preference Data
Information about your consent for marketing, notification settings, and preferences regarding products or content.
3. Legal Basis for Processing Personal Data
We rely on the following lawful bases to process personal data:
– Consent: When you provide explicit consent for particular processing activities (e.g., receiving newsletters).
– Performance of a Contract: When data processing is necessary to fulfill our obligations under a contract you enter into with us.
– Legitimate Interests: When it is necessary for our legitimate business purposes, provided such interests are not overridden by your rights (e.g., fraud prevention, website performance monitoring).
– Legal Obligation: When we are required to process personal data to comply with legal or regulatory obligations.
4. Your Rights Under Applicable Data Protection Laws
You have specific rights regarding your personal data. These include:
– Right to Access: You may request access to your personal information.
– Right to Rectification: You can request that we correct any inaccurate or incomplete data.
– Right to Erasure: You may request deletion of your data, subject to legal and contractual obligations.
– Right to Restrict Processing: You have the right to request that we limit processing in particular circumstances.
– Right to Data Portability: You can request your data in a structured, commonly used, and machine-readable format to be transmitted elsewhere.
– Right to Object: You may object to the processing of your personal data where we rely on legitimate interests or for direct marketing.
To exercise these rights, please contact us at [email protected].
5. Security Measures
We implement appropriate technical and organizational measures to ensure the security and confidentiality of your personal data, including:
– End-to-end encryption of data during storage and transmission
– Scheduled backups with secure data retention protocols
– Strict access controls and user authentication
– Staff training on data protection best practices
We continually assess and update our security practices in line with industry standards.
6. International Data Transfers
Your information may be transferred to and maintained on servers located outside your jurisdiction. Where required, we use appropriate safeguards such as Standard Contractual Clauses approved by the European Commission and ensure third-party processors comply with applicable regional data protection requirements.
7. Data Retention Practices
We retain personal data only for as long as necessary for the purposes it was collected or to comply with legal and regulatory obligations. Retention periods vary by data category:
– Account Data: Retained while your account is active and up to 3 years thereafter
– Transaction Data: Retained for 7 years to satisfy tax and financial reporting obligations
– Technical and Usage Data: Retained for up to 12 months for analytical and diagnostic purposes
– Communication Data: Retained for 2 years for service continuity
8. Cookie Policy
We use cookies and similar technologies on mydittolife.com for various purposes:
– Essential Cookies: Required for site functionality (e.g., session management)
– Functional Cookies: Remember user preferences and choices
– Analytics Cookies: Assess site performance and understand user interactions
– Performance Cookies: Improve load times and user experience
We do not use cookies to collect personally identifiable information without your consent.
9. Cookie Management and Compliance
Upon your first visit to mydittolife.com, you will be presented with a cookie banner offering the option to accept or manage our use of cookies. You may withdraw your consent or change your preferences at any time via the cookie management settings on the Site. These capabilities ensure alignment with both GDPR and CCPA requirements.
10. Data About Children
We do not knowingly collect personal data from children under the age of 13. If we become aware that we have inadvertently processed data from a child without parental consent, we will act to delete the data promptly. Parents and legal guardians may contact us at [email protected] for inquiries related to children’s data.
11. Updates to This Policy
We reserve the right to revise this Privacy Policy as necessary to reflect legal, regulatory, or operational changes. Any significant modifications will be clearly communicated via mydittolife.com or directly via email when appropriate.
12. Contact
If you have any questions, concerns, or requests related to this Privacy Policy or your data rights, you may contact us at:
Email: [email protected]
We are dedicated to upholding your privacy and ensuring continued compliance with applicable privacy laws, including GDPR and CCPA. Please reach out to us at any time should you have any privacy-related concerns.