Privacy Policy for Tayflow
1. Introduction
At Tayflow (“we“, “us“, or “our”), accessible through tayflow.com, we are committed to protecting your personal data and respecting your privacy. We recognize the importance of transparency, accountability, and safeguarding your information, particularly under applicable data protection laws including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy explains what information we collect from you, how we use it, and the rights you have in relation to your personal data.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all services provided through tayflow.com, including any interactions via our website, communications, or connected services. For the purposes of the General Data Protection Regulation (GDPR), Tayflow is the Data Controller of your personal data. Should you have any questions or requests relating to the processing of your personal data, you may contact us at [email protected].
3. Categories of Data Processed
We collect and process various types of personal data depending on your interactions with tayflow.com:
a. Usage Data
Includes information related to how you use our website and services such as IP address, browser type, device information, geographical location, pages visited, access dates and times, session durations, and referring URLs.
b. Account Data
This includes personal information you provide by creating an account such as your name, email address, telephone number, mailing address, and login credentials.
c. Profile Data
Includes your preferences, feedback, past purchases, interests, and user behavior while interacting with our services.
d. Communication Data
Covers all correspondence and communication records, including customer support inquiries, contact history, and metadata associated with these communications.
e. Technical Data
Comprised of information gathered from your device and internet connection, such as device IDs, operating systems, software versions, browser plug-ins, screen resolutions, and language preferences.
f. Transaction Data
Includes details about payments made via our platform, billing and shipping information, transaction history, and payment verification data. We do not process or store credit card numbers ourselves; these are managed by our secure third-party payment processors.
g. Preference Data
Includes your marketing and communication preferences, subscription status, consent choices, interests, product preferences, and any opt-in or opt-out data for promotional messaging.
4. Legal Bases for Processing
We process your personal data only when legally permitted to do so, relying on the following lawful bases:
– Performance of Contract: Processing necessary to fulfill contractual obligations, for example when you purchase a product or service.
– Legitimate Interest: Processing necessary for our legitimate interests, such as fraud prevention, security enhancement, service improvement, and business analytics, provided that these interests do not override your fundamental rights and freedoms.
– Legal Obligation: Where processing is necessary for compliance with legal responsibilities.
– Consent: We obtain your consent before processing personal data for certain marketing purposes or where legally required. You may withdraw your consent at any time.
5. Your Rights under Privacy Laws
If you are in the European Economic Area, the United Kingdom, or California, you are entitled to the following rights:
a. Right of Access
You may request a copy of the personal data we hold about you and details regarding its use and disclosure.
b. Right to Rectification
You have the right to request corrections to personal data that is inaccurate or incomplete.
c. Right to Erasure
Also known as the “right to be forgotten,” you may request deletion of your personal data under certain circumstances.
d. Right to Restriction of Processing
You may request we limit the processing of your personal data in certain cases, such as when data accuracy is contested.
e. Right to Data Portability
You may receive your personal data in a structured, commonly used, and machine-readable format, and have it transferred to another provider.
f. Right to Object
You have the right to object to processing based on legitimate interests or for direct marketing purposes.
To exercise these rights, please contact us at [email protected]. We will respond to all valid requests within the timeframes established by law.
6. Security Measures
We take the security of your personal data seriously and employ a range of technical and organizational measures to ensure it is protected against unauthorized access, loss, misuse, or disclosure. These include:
– Data encryption (at rest and in transit)
– Role-based access controls and authentication mechanisms
– Regular security audits and vulnerability assessments
– Secure server infrastructure and firewalls
– Staff training on confidentiality and data protection
– Reliable data backup and disaster recovery procedures
7. International Transfers
Where personal data is transferred outside the European Economic Area (EEA) or other jurisdictions providing similar levels of data protection, we ensure appropriate safeguards are in place, such as:
– Standard Contractual Clauses approved by the European Commission
– Transfers to jurisdictions with adequacy decisions
– Implementing supplementary measures to ensure compliance with local laws
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including satisfying legal, accounting, or regulatory obligations.
– Account Data is retained while your account remains active and up to 5 years after closure.
– Transaction Data is retained for at least 7 years for tax and compliance purposes.
– Communication and Support Data is kept for 3 years from the date of last interaction.
– Preference and Marketing Data is retained until you withdraw consent or request deletion.
– Technical and Usage Data is anonymized or aggregated after 12 months.
9. Cookie Policy
We use cookies and similar tracking technologies on tayflow.com to improve your experience and understand usage patterns. The types of cookies we use include:
a. Essential Cookies
Necessary for the website to function, such as authentication, security, and accessibility.
b. Functional Cookies
Enable enhanced features and personalization, such as language settings and UI preferences.
c. Analytical/Performance Cookies
Help us understand how visitors interact with the site using analytics tools (e.g., Google Analytics) for performance monitoring and improvement.
10. Cookie Management and Compliance with GDPR & CCPA
Upon your first visit to tayflow.com, and periodically thereafter, we present a consent mechanism where you may accept or reject non-essential cookies. You may also manage cookie preferences at any time through your browser settings or via our cookie preference center.
In line with the GDPR and CCPA:
– We do not place analytical or marketing cookies without your explicit consent.
– We honor “Do Not Track” signals where recognized.
– You may request access to, or deletion of, personal data collected via cookies by contacting [email protected].
11. Special Protections for Children Under 13
Tayflow’s services are not directed to or intended for children under the age of 13. We do not knowingly collect or solicit personal data from children. If we learn that we have inadvertently collected information from a child under 13 without verified parental consent, we will promptly delete such data. If you become aware that a child has provided us with personal information, please contact us at [email protected].
12. Policy Updates and User Notifications
We reserve the right to modify this Privacy Policy as necessary to comply with legal developments or operational changes. Whenever we update the policy, we will post the revised version on tayflow.com and, where appropriate, notify users through available communication channels. Continued use of our services constitutes acceptance of any such changes.
13. Contact and Complaints
If you have any questions, concerns, or complaints regarding this Privacy Policy or your personal data, please contact us via:
Email: [email protected]
Website: tayflow.com
You also have the right to lodge a complaint with a data protection authority in your jurisdiction if you believe that we have failed to comply with applicable data protection laws.
Tayflow is committed to maintaining compliance with all relevant privacy laws and ensuring the responsible and transparent processing of your personal data. Please reach out to our team at [email protected] for any privacy-related inquiries or assistance.