Privacy Policy for Changefindr.com
1. Introduction
At Changefindr.com, we are committed to safeguarding your personal data and protecting your privacy. We value the trust you place in us and strive to handle your personal information with respect and care. This Privacy Policy outlines how we collect, use, disclose, and safeguard personal data obtained from users, ensuring compliance with applicable data protection laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal information collected through your use of the website located at https://changefindr.com (“Website”), and any related communications or services. Changefindr.com is the data controller for personal data processed through the Website, which means we determine the purposes and means of processing such data.
3. Categories of Personal Data We Process
We collect and process the following categories of personal information:
a. Usage Data: Includes data about how you use our Website, including IP address, browser type and version, pages visited, time spent on pages, referring URLs, session timestamps, and diagnostic logs.
b. Account Data: Includes your full name, email address, mailing address, phone number, and other identifiers provided when creating or managing an account.
c. Profile Data: Includes information relating to your interests, preferences, purchase history, behavioral patterns, and engagement with our services.
d. Communication Data: Includes contact history with our support and customer service teams, including inquiry content, timestamps, and communication records.
e. Technical Data: Includes information about the device you use to access our services, such as operating system, system configuration, browser settings, screen resolution, and hardware identifiers.
f. Transaction Data: Includes payment details, billing and shipping addresses, order records, refund information, and fulfillment data.
g. Preference Data: Includes marketing preferences, communication consents, and indicated product or service interests.
4. Legal Bases for Processing Personal Data
We rely on the following lawful bases under the GDPR to process your personal information:
– Consent: Where you have given us explicit permission to process your data.
– Contract: Where processing is necessary to perform a contract with you or take steps before entering into a contract.
– Legal Obligation: Where processing is necessary to comply with legal requirements.
– Legitimate Interests: Where processing is in our legitimate interests, provided such interests are not overridden by your fundamental rights and freedoms (e.g., analytics, fraud prevention, product improvement).
Where CCPA is applicable, we do not “sell” or “share” personal information as defined under the law.
5. Your Rights
Subject to applicable data protection legislation, you have the following rights regarding your personal information:
– Right of Access: To obtain a copy of the personal data we hold about you.
– Right to Rectification: To request correction of inaccurate or incomplete data.
– Right to Erasure: To request deletion of your personal data where it is no longer required or where consent has been withdrawn.
– Right to Restriction: To limit our processing of your personal data under certain circumstances.
– Right to Data Portability: To receive your data in a structured, commonly used, and machine-readable format for transfer to another data controller.
– Right to Object: To object to the processing of your data under legitimate interest or direct marketing purposes.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement commercially reasonable technical and organizational measures to ensure the security, confidentiality, integrity, and availability of your personal information. These include:
– SSL/TLS encryption for data in transit
– Role-based access controls and authentication protocols
– Regular system backups and fault tolerance measures
– Staff training and internal privacy protocols
– Ongoing monitoring for vulnerabilities and unauthorized activities
7. International Data Transfers
Where your data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place in accordance with GDPR, including the use of Standard Contractual Clauses approved by the European Commission or reliance on adequacy decisions.
For users in the United States or other regions, we comply with local data protection laws and handle your data with equivalent diligence.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:
– Usage and Technical Data: Up to 14 months for analytics purposes
– Account and Profile Data: As long as your account is active or required to fulfill service obligations
– Communication Data: Up to 3 years for audit and support reference
– Transaction Data: Up to 7 years for compliance with financial and tax obligations
– Preference Data: Retained until you withdraw consent or update your preferences
Data may be retained longer where legally required or for legitimate business purposes (e.g., dispute resolution).
9. Cookie Policy
We use cookies and similar technologies on changefindr.com for the following purposes:
– Essential Cookies: Required for core functionality such as account login, session handling, and security.
– Functional Cookies: Enable site personalization and user preference storage.
– Analytics Cookies: Collect aggregated data on user behavior and site interaction (e.g., Google Analytics).
– Performance Cookies: Support load balancing, responsiveness, and usability enhancements.
10. Cookie Management and Compliance with GDPR & CCPA
Upon first visit to changefindr.com, you will be presented with a cookie banner allowing you to accept or reject non-essential cookies. You may manage your cookie settings at any time through the browser settings or the cookie preferences dashboard on our Website.
Under GDPR and CCPA, users have the right to opt-out of certain tracking and data collection practices. Where applicable, we honor “Do Not Track” and Global Privacy Control (GPC) signals in compliant jurisdictions.
11. Children’s Privacy
Changefindr.com does not knowingly collect or solicit personal data from children under the age of 13. If we learn that we have inadvertently collected information from a child under 13 without verified parental consent, we will take steps to delete such information promptly. Parents or guardians who believe their child has submitted data may contact us at [email protected].
12. Policy Updates and Notifications
We may update this Privacy Policy from time to time to reflect changes in legal, technical, or operational requirements. Material changes will be communicated via email (if applicable) and through notices on our Website. We encourage you to review this policy periodically to stay informed about how we safeguard your data.
13. Contacting Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data rights, please contact us at:
Email: [email protected]
We are committed to maintaining your trust and ensuring your data is protected. If you believe your data protection rights have been violated, you may lodge a complaint with your local supervisory authority.
Changefindr.com is committed to full compliance with applicable privacy laws and ensuring users have a clear understanding of how their data is handled. For all privacy-related inquiries, please contact our team at [email protected].