Privacy Policy
1. Introduction
At Exact Observer, accessible via exactobserver.com, we value your privacy and are firmly committed to safeguarding your personal data. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal information in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Our privacy-first approach ensures that your rights and freedoms are protected as you interact with our website, services, and communications.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of our website, services, and platforms provided by Exact Observer. Exact Observer acts as the data controller for any personal data collected through exactobserver.com and determines the purposes and means of processing it.
If you have any questions or concerns about your data or this policy, you may contact us at [email protected].
3. Categories of Data Processed
We collect and process various types of personal data, which include:
a) Usage Data
Information collected automatically when you interact with exactobserver.com. This includes browser type, IP address, referring URLs, session length, page views, and general website usage statistics.
b) Account Data
Information provided directly by you during registration or profile creation, such as your full name, physical address, email address, and phone number.
c) Profile Data
Details regarding your preferences, purchasing behavior, browsing habits, and interaction patterns with our products and services.
d) Communication Data
Includes content and metadata related to any communications you send us, including support inquiries, feedback, or interaction history via email or chat.
e) Technical Data
Includes device identifiers, operating system type and version, system configuration settings, and mobile device information.
f) Transaction Data
Information related to purchases and payment transactions, including billing and shipping addresses, partial payment card data (strictly limited per PCI-DSS standards), and fulfillment records.
g) Preference Data
Includes your subscription preferences, marketing communication approvals, newsletter opt-ins, and information regarding preferred services or products.
4. Legal Bases for Processing
We rely on various legal grounds to process your personal information:
– Consent: Where you have given clear permission for us to process your personal data for a specific purpose, such as subscribing to our newsletter or accepting cookies.
– Contractual Necessity: Where processing is necessary to fulfill the services you request, including registration, purchases, or delivering requested content.
– Legitimate Interest: Where processing is necessary for our legitimate interests (provided these are not overridden by your interests or fundamental rights), such as preventing fraud, enhancing the user experience, or network security.
– Legal Obligation: Where we are required to comply with a legal obligation such as complying with tax or regulatory requirements.
5. Your Data Rights
Subject to applicable laws, you have the following rights regarding your personal data:
– Right of Access: You may request access to your personal data and obtain a copy of the data we hold about you.
– Right to Rectification: You have the right to request correction of inaccurate or incomplete data.
– Right to Erasure: In certain circumstances, you may request deletion of your data (“right to be forgotten”).
– Right to Restriction: You may request restricted processing of your personal data under specific conditions.
– Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transfer it to another data controller, where technically feasible.
You may exercise any of these rights by contacting us at [email protected]. We may request verification of your identity before fulfilling your request, as permitted by law.
6. Security Measures
We implement comprehensive technical and organizational measures to safeguard your data, including but not limited to:
– Encryption of data in transit and at rest
– Role-based access controls and authentication protections
– Routine vulnerability monitoring and system patching
– Secure data backups, tested regularly for integrity
– Regular staff training in data protection and cybersecurity principles
Although we take every reasonable effort to protect personal data, transmission over the internet is never completely secure. You transmit data at your own risk.
7. International Data Transfers
Where your personal data is transferred outside the European Economic Area (EEA) or other regions with data protection laws, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission or recognized adequacy decisions. Such transfers are performed in full compliance with GDPR and relevant local legislation.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:
– Usage and Technical Data: 12 months from collection
– Account, Profile, and Communication Data: Retained while the account is active and for up to 24 months thereafter
– Transaction Data: Retained for 7 years for compliance with financial and regulatory obligations
– Preference Data: Until the user unsubscribes or withdraws consent
We may retain anonymized or aggregated data for statistical or analytical purposes with no time limitation.
9. Cookie Policy
Our website uses cookies and similar technologies to enhance user experience and collect information about user behavior. We use the following categories of cookies:
– Essential Cookies: Necessary for technical operation and basic website functionality.
– Functional Cookies: Enable improved functionality and personalization based on your preferences.
– Analytics Cookies: Help us understand site usage and improve performance.
– Performance Cookies: Track performance and load times to enhance the user interface.
10. Cookie Management and Compliance
When you first visit exactobserver.com, you will be presented with a cookie consent banner allowing you to manage your preferences. You may modify your cookie preferences at any time through the Cookie Settings link or by adjusting your browser settings.
We honor “Do Not Track” signals and comply with GDPR consent requirements (via opt-in for EU/EEA users) and CCPA opt-out obligations for Californian consumers.
11. Children’s Privacy
Our services are not directed to individuals under the age of 13. We do not knowingly collect personal data from children. If we become aware that data from a child under 13 has been collected without verifiable parental consent, we will take immediate steps to delete such information from our systems. Parents or guardians who believe that we have inadvertently collected information from a child under 13 should contact us at [email protected].
12. Policy Updates and Notifications
We may update this Privacy Policy from time to time to reflect legal, operational, or service changes. Substantial changes affecting your data rights or the scope of processing will be communicated via appropriate channels, such as email notifications or on-site notices. We encourage all users to review this page regularly for the most current version.
13. Contact Information
If you have questions, concerns, or requests relating to this Privacy Policy or how your data is handled, please contact:
Exact Observer
Email: [email protected]
Website: https://www.exactobserver.com
We are committed to full compliance with global data protection regulations and take your privacy seriously. Please reach out to us with any privacy-related concerns, and we will assist you to the fullest extent of the law.