PRIVACY POLICY
1. Introduction
At Medi-Cost, accessible via medi-cost.com, we are firmly committed to respecting and protecting your privacy. We recognize the importance of safeguarding personal data, and we strive to maintain the highest standards of security, transparency, and accountability in the collection, use, and handling of your information. This Privacy Policy outlines how we process your personal data in accordance with applicable privacy and data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant legislation.
2. Scope of This Policy and Data Controller Responsibility
This Privacy Policy applies to all data collected through your use of our website (medi-cost.com) and our services. For purposes of data protection legislation, Medi-Cost is the data controller with respect to the processing of your personal data. This means we determine the purposes and means of processing your data.
3. Categories of Data We Process
We collect and process various categories of personal data to deliver and enhance our services. These categories include:
a. Usage Data
We collect information automatically when you interact with our website, including but not limited to your IP address, browser type, operating system, referring URLs, device identifiers, session duration, and browsing interactions.
b. Account Data
If you register for an account with us, we collect your name, email address, telephone number, billing and shipping addresses, and account login credentials.
c. Profile Data
This includes your interests, preferences, purchase history, service usage, and behavioral data collected through website interactions to personalize your experience.
d. Communication Data
We collect communication records such as inquiries, support requests, messages sent via our contact forms, and other correspondence.
e. Technical Data
We process information concerning the hardware and software on your device, including device type, screen resolution, operating system, language settings, browser configuration, and software versions.
f. Transaction Data
Includes details related to your purchases, such as payment method and verification data, order and delivery information, transaction ID, and billing status.
g. Preference Data
We store preferences such as your consent for receiving marketing communications, interests indicated in product or service categories, and cookie choices.
4. Legal Bases for Processing Personal Data
We collect and use your data only when permitted by law under one or more of the following legal bases:
– Performance of a Contract: To process and fulfill the services you request.
– Legitimate Interests: For business purposes that do not override your rights, including fraud prevention, service improvement, and website analytics.
– Consent: Where you expressly provide permission (e.g., marketing communications or cookies). You may withdraw consent at any time.
– Legal Obligation: When processing is necessary to comply with legal requirements.
5. Your Rights
Under applicable law, you have a range of rights regarding your personal data:
– Right of Access: You may request access to the data we hold about you.
– Right to Rectification: You can request corrections to ensure accuracy.
– Right to Erasure: Also known as the “right to be forgotten,” you may request the deletion of your data, subject to legal exceptions.
– Right to Restriction: You may request us to limit processing under specific circumstances.
– Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
– Right to Object: You may object to processing based on legitimate interests, including profiling and direct marketing.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement technical and organizational safeguards to protect the confidentiality, integrity, and availability of your personal data. These include but are not limited to:
– End-to-end encryption of sensitive data during transmission and storage
– Role-based access controls and user authentication protocols
– Regular system monitoring, patching, and vulnerability assessments
– Employee training programs regarding data handling and privacy practices
– Encrypted backups stored in secure environments
7. International Transfers
Your personal data may be transferred to, processed, and stored in jurisdictions outside your country of residence, including regions that may not have laws equivalent to those in your jurisdiction. Where applicable, we rely on Standard Contractual Clauses and implement supplementary safeguards to ensure appropriate levels of data protection as required under GDPR and other global frameworks.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including compliance with legal, accounting, or reporting obligations.
– Usage Data: Retained for 12 months for analytics and diagnostics.
– Account Data: Retained for the duration of your relationship with us plus 6 years.
– Transaction Data: Kept for a minimum of 7 years to meet financial and legal obligations.
– Communication Data: Retained for 3 years after the final correspondence.
– Preference Data: Retained until the consent is withdrawn or updated.
After applicable retention periods, data is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar technologies on medi-cost.com for various purposes:
– Essential Cookies: Necessary for the basic functioning of the website.
– Functional Cookies: Help personalize your experience by remembering choices.
– Performance Cookies: Collect aggregated data for performance and website enhancement.
– Analytics Cookies: Used to analyze site usage and improve functionality.
Cookies may be set by us (first-party) or by third parties acting on our behalf. Details of individual cookies are available in our Cookie Settings panel displayed upon your first visit.
10. Cookie Management and Compliance with GDPR & CCPA
You have the ability to manage and control cookies through your browser settings or our website’s cookie preference tools. We provide a cookie consent banner in compliance with GDPR, and do not sell personal information in accordance with CCPA provisions. California users may opt out of cookie-based data sharing at any time.
11. Children’s Privacy
Our website and services are not directed to individuals under the age of 13. We do not knowingly collect or solicit data from children. If we discover that we have inadvertently collected information from a child under 13, we will promptly delete it. If you believe a child has provided us with personal data, please contact us at [email protected].
12. Policy Updates & User Notifications
We reserve the right to update or modify this Privacy Policy to reflect changes in statutory requirements or our data processing practices. Changes will be posted to this page, and, where appropriate, notified to you via email or pop-up notifications on medi-cost.com. Continued use of our website after the changes are implemented constitutes your acceptance of the revised policy.
13. Contact Us
If you have any questions, concerns, or requests relating to this Privacy Policy or your personal data, please do not hesitate to contact us:
Email: [email protected]
Website: https://medi-cost.com
We are committed to upholding your privacy rights and complying with all applicable data protection laws. For any privacy-related concerns, you may reach out to us directly using the contact details provided above.