Privacy Policy for The Ducket
1. Introduction
At The Ducket (theducket.com), we are committed to protecting and respecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal information. We uphold stringent privacy principles and data protection practices in accordance with global regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Our dedication to data privacy reflects our belief that your trust is earned by transparency, accountability, and respectful stewardship of your data.
2. Scope and Role of the Data Controller
This Privacy Policy applies to all visitors and users of theducket.com, and governs the processing of personal information collected through the website or related communications. For the purpose of data protection laws, the data controller is theducket.com, and all inquiries related to data protection can be directed to [email protected].
As the data controller, we determine the purposes and means of processing your personal data and are responsible for ensuring compliance with applicable privacy laws and principles.
3. Categories of Data We Process
We may collect and process the following categories of personal data:
a. Usage Data: Information about how you use our site, such as your IP address, browser type and version, operating system, referring URL, pages viewed, access times, and duration of visits.
b. Account Data: Information provided when you register or maintain an account on theducket.com, including your name, email address, physical address, and phone number.
c. Profile Data: Information related to your preferences, purchase history, interactions with content, saved favorites, and behavioral trends within theducket.com.
d. Communication Data: Details from your interactions with us, including support inquiries, feedback, live chat transcripts, emails, and other correspondence.
e. Technical Data: Device-specific information such as device type, operating system, hardware specifications, language settings, and other system configuration data.
f. Transaction Data: Details about payments and transactions you make, including billing address, shipping information, card type (last four digits only), and purchase history.
g. Preference Data: Your marketing and communication preferences, such as subscription settings, interests, and consent to promotional materials.
4. Legal Bases for Processing
We will only process your personal data when there is a lawful basis under applicable law. These legal bases may include:
– Consent: where you have affirmatively consented to the processing.
– Contractual necessity: to fulfill contractual obligations or take requested pre-contractual steps.
– Legal obligation: to comply with legal requirements and regulatory processes.
– Legitimate interests: to operate, secure, and improve our services, provided such interests are not overridden by your rights and freedoms.
5. Your Rights
You have the following rights concerning your personal data, subject to verification and applicable law:
– Right of access: Obtain a copy of the personal data we hold about you.
– Right of rectification: Request that we correct incomplete or inaccurate data.
– Right to erasure (“Right to be forgotten”): Request deletion of your data where applicable.
– Right to restrict processing: Ask that we limit the use of your data under certain circumstances.
– Right to data portability: Request your data in a structured, commonly used, and machine-readable format.
– Right to object: Object to the processing of your data where we rely on legitimate interests or where your data is used for direct marketing.
To exercise these rights, please contact us at [email protected]. We will respond to all legitimate requests in compliance with applicable regulations.
6. Security Measures
We implement a range of technical and organizational measures designed to protect your personal information. These include:
– Encryption of data during transit and at rest
– Role-based access controls and secure authentication protocols
– Regular security audits and vulnerability assessments
– Frequent backups and disaster recovery procedures
– Staff training programs in data privacy and incident response
Although we strive to maintain the highest standards, no method of transmission or storage is entirely immune to risk. We encourage you to use strong passwords, enable multi-factor authentication, and protect your devices.
7. International Data Transfers
If you are located outside of the region where our servers or service providers operate, your data may be transferred and processed in countries with different data protection laws. Where we transfer your personal data outside the European Economic Area (EEA) or other applicable jurisdictions, we employ appropriate safeguards—such as Standard Contractual Clauses or adequacy decisions—that ensure your data continues to be protected.
8. Data Retention
We retain personal data only for as long as necessary for the purposes outlined in this policy or to satisfy legal, accounting, or reporting obligations, including:
– Account Data: retained for the duration of the user relationship and up to 6 years following account closure.
– Transaction Data: retained for financial and legal compliance purposes for a minimum of 7 years.
– Communication Data: retained for 24 months following last interaction.
– Technical and Usage Data: retained for up to 12 months for analytical and security purposes.
– Marketing & Preference Data: retained until withdrawal of consent or inactivity exceeding 24 months.
When retention is no longer justified, data is securely deleted or anonymized.
9. Cookie Policy
The Ducket uses cookies and similar tracking technologies to enhance user experience, understand user behavior, and improve site functionality. These may include:
– Essential Cookies: Required for site operation, such as session management and authentication.
– Functional Cookies: Enable preference settings such as language selection or saved items.
– Performance Cookies: Collect aggregated data on site usage to analyze and optimize performance.
– Analytics Cookies: Used for in-depth analysis of traffic patterns via services like Google Analytics.
10. Cookie Management and Compliance with GDPR & CCPA
You have control over the use of cookies. Upon your first visit to theducket.com, a cookie consent banner allows you to manage cookie preferences in accordance with GDPR. You may modify your settings at any time via our Cookie Settings page. Under CCPA, California residents may opt out of the ‘sale’ of personal information, including some third-party tracking and advertising services.
You may also configure your browser settings to refuse some or all cookies. Please note, however, that disabling essential cookies may impact the functionality of the site.
11. Special Protections for Children
We do not knowingly collect personal data from children under the age of 13. If it comes to our attention that we have inadvertently collected such data, we will take immediate steps to delete it. Parents or legal guardians who believe their child has provided us with data without consent are encouraged to contact us at [email protected].
12. Policy Updates and Notifications
This Privacy Policy may be updated periodically to reflect legal, technical, or business changes. If changes are material, we will provide appropriate notice via the website or other communication channels. We encourage users to review this page periodically to remain informed about our privacy practices.
13. Contact Us
For questions, concerns, or to exercise your rights under this Privacy Policy, please contact us at:
Email: [email protected]
Website: https://theducket.com
We are committed to complying with applicable privacy and data protection regulations and will respond to your inquiries with diligence and transparency.
This Privacy Policy affirms our commitment to the fair, lawful, and transparent processing of personal data. If you have any concerns regarding your privacy or data protection rights, please reach out to us directly.