Privacy Policy
shafaatullahkhan.com (“we,” “our,” “us,” or the “Website”) is firmly committed to protecting the privacy and personal data of all users who visit or interact with us. We are dedicated to ensuring the confidentiality and integrity of your personal information and maintaining full compliance with applicable data protection laws, including the European Union General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
1. Commitment to Privacy and Data Protection
At shafaatullahkhan.com, we understand the importance of privacy and are committed to safeguarding the information you share with us. We adopt industry best practices to ensure your data is handled securely, lawfully, and transparently. This Privacy Policy outlines how we collect, process, store, and disclose your personal data and the rights and controls you have regarding its use.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of our Website worldwide, regardless of location. We are the designated Data Controller under the GDPR and assume primary responsibility for your personal data. If you are a California resident, our processing of your personal information also complies with the responsibilities of a Business under the CCPA.
3. Categories of Data Processed
We may collect and process the following categories of personal data:
a. Usage Data
Includes: IP address, browser type and version, geographical location, referral source, operating system, date/time of access, page views, and session duration.
Collected via: automated tracking technologies (e.g., cookies, server logs).
b. Account Data
Includes: first and last name, billing or shipping address, email address, and telephone number.
Collected when: you create an account, place an order, or register for services.
c. Profile Data
Includes: purchase history, product preferences, behavioral data (e.g., clicks, page visits, item views), saved items, and user settings.
Collected during: interactions with the Website and use of Website features.
d. Communication Data
Includes: any correspondence you submit to us, whether via contact forms, email, or customer support channels, and any communications history.
Used to: respond to inquiries, provide service, and improve user experience.
e. Technical Data
Includes: device model, operating platform, browser plugins, device identifiers, system configuration data, and diagnostic logs.
Helps us: optimize Website performance and troubleshoot issues.
f. Transaction Data
Includes: order details, payment method (last four digits only), delivery address, invoice data, and order confirmations.
Note: Financial data is processed through third-party payment processors; we do not store full payment card numbers.
g. Preference Data
Includes: marketing preferences, opt-in/opt-out status, areas of interest, and user-selected communications.
Processed based on: your express consent or inferred interests.
4. Legal Bases for Processing
We rely on one or more of the following lawful bases for processing your data:
– Consent: Where you have provided explicit permission for data collection (e.g., newsletter sign-ups).
– Contractual Necessity: To fulfill obligations under a contract, such as processing orders or providing services.
– Legal Obligation: Where processing is required to comply with legal or regulatory requirements.
– Legitimate Interests: For necessary Website functionality, analytics, fraud prevention, service improvement, and communication (excluding where overridden by your fundamental rights).
5. Your Rights
Under applicable data protection laws, you have the following rights:
– Right of Access: Obtain confirmation of whether we process your data and a copy thereof.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your data, subject to lawful retention requirements.
– Right to Restrict Processing: Ask us to restrict or suspend processing while disputes or verifications are resolved.
– Right to Data Portability: Receive your personal data in a structured, commonly used, machine-readable format and/or request transfer to another controller.
– Right to Object: Challenge data processing based on legitimate interests or for direct marketing purposes.
– Right to Withdraw Consent: You may withdraw your consent at any time where processing is based on consent. This withdrawal does not affect the lawfulness of prior processing.
To exercise any of the above rights, please contact us at [email protected]. We will respond to verified requests within the timelines required by law.
6. Security Measures
We maintain robust technical and organizational measures to protect your personal data, including:
– Encryption of data during transmission and (where applicable) storage
– Role-based access controls and user authentication
– Regular software updates and vulnerability assessments
– Secure data backups and redundancy systems
– Employee training programs on data protection and cybersecurity
While no online service can guarantee absolute security, we continuously evaluate and improve our safeguards to protect your data against unauthorized access, disclosure, alteration, or destruction.
7. International Transfers
As the Website may operate and use service providers across various jurisdictions, your personal data may be transferred, accessed, and processed outside your country of residence. When transferring data internationally, especially outside the European Economic Area (EEA), we implement appropriate safeguards, including:
– Standard Contractual Clauses approved by the European Commission
– Execution of compliant data processing agreements
– Due diligence and certification of our third-party vendors in alignment with applicable privacy standards
8. Data Retention
We retain personal data for no longer than is necessary for the purposes for which it was collected or to comply with applicable legal, contractual, or regulatory obligations. Retention periods are as follows:
– Usage Data: Up to 12 months
– Account and Profile Data: As long as your account remains active, and for up to 5 years post-closure
– Communication Data: Up to 3 years post-resolution
– Transaction Data: Retained for at least 7 years to comply with tax/legal requirements
– Preference Data: Until consent is withdrawn or no longer necessary
Upon expiration of retention periods, data is either securely deleted or anonymized.
9. Our Use of Cookies
shafaatullahkhan.com uses cookies and similar technologies to enhance your browsing experience and support analytics and performance. Cookies used include:
– Essential Cookies: Necessary for core Website functionality (e.g., login and navigation)
– Functional Cookies: Support user customization preferences and remembered settings
– Analytics Cookies: Help us understand Website usage, improve features, and analyze performance (e.g., Google Analytics)
– Performance Cookies: Monitor system stability, response times, and error reporting
10. Cookie Management and Compliance
By using shafaatullahkhan.com, you may consent to the use of specific cookies via our cookie banner. You have the right to:
– Adjust cookie settings within your browser
– Withdraw consent to non-essential cookies at any time
– Learn more or update preferences via the cookie settings link available in our footer
In compliance with GDPR and CCPA, we honor browser Do Not Track (DNT) signals and user opt-outs where required. If you are a California resident, you may also opt out of the “sale” of your personal information by contacting [email protected].
11. Special Protections for Children
The Website is not intended for children under 13 years of age. We do not knowingly process data of any child under this age. If we become aware of such data being provided, we will promptly delete it. Parents or legal guardians who believe their child’s information has been submitted are encouraged to contact us immediately.
12. Policy Updates and Notifications
We may periodically revise this Privacy Policy to reflect adjustments in technology, legal requirements, or our data practices. We will notify users of significant changes via the Website or email where feasible. Continued use of our services after such updates constitutes acknowledgment of the modified policy. You are encouraged to review this Privacy Policy regularly.
13. Contact Us
If you have questions, data access requests, or privacy concerns, please contact our Data Privacy Team at:
Email: [email protected]
Website: https://shafaatullahkhan.com
We are committed to resolving concerns swiftly and in accordance with all applicable laws and guidelines.
We strive to maintain the highest standards in data protection and to uphold full compliance with the GDPR, CCPA, and all other relevant privacy laws. If you have any concerns or require additional information regarding how your data is used, please do not hesitate to reach out to us.