Privacy Policy for Medi-Cost.com

1. Introduction

At Medi-Cost.com, your privacy is of paramount importance to us. We are committed to safeguarding the personal information of our users and complying fully with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, use, disclose, and protect your information, reflecting our firm dedication to transparency and user rights.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all visitors, users, and others who access or use the services provided through medi-cost.com (the “Website”). Medi-Cost, as the operator of this Website, is the data controller responsible for your personal information. If you have any questions or concerns about this Policy or the handling of your data, please contact us at [email protected].

3. Categories of Data Processed

We may collect and process the following categories of personal data:

a) Usage Data: This includes information about how you use our Website, such as your IP address, browser type, operating system, referral sources, access times, and interactions with Website features.

b) Account Data: Information provided during the creation or management of an account, including your name, mailing address, email address, and phone number.

c) Profile Data: Details related to your preferences, interests, purchase history, saved products, and user feedback, including behavioral data collected to enhance user experience.

d) Communication Data: Records of your interactions with our customer support, inquiries submitted via forms or email, message history, and any correspondence received from you.

e) Technical Data: Device information (such as model, device identifiers), system configuration data, browser settings, and operational diagnostics information.

f) Transaction Data: Information related to your purchases, payment methods, billing and shipping details, and other related order data.

g) Preference Data: Marketing preferences, communication consents, and product categories or topics you have expressed interest in.

4. Legal Bases for Processing Data

We process your personal data only as permitted by law. The legal bases for the processing of your data include:

– Your consent, where required (e.g., for marketing communications and certain cookies).
– The necessity of processing for the performance of a contract with you.
– Compliance with legal obligations to which we are subject.
– Our legitimate interests, including ensuring the security of our Website, improving our services, and managing correspondence, provided these interests are not overridden by your rights and interests.

5. Your Data Protection Rights

In accordance with applicable data protection laws, you have the following rights:

– Right of Access: You have the right to request access to your personal data and obtain confirmation about its processing.
– Right to Rectification: You may request corrections to your personal data if it is inaccurate or incomplete.
– Right to Erasure: You can request the deletion of your personal data, subject to certain legal or contractual limitations.
– Right to Restriction: You have the right to request the limitation of data processing in certain cases.
– Right to Data Portability: You can request a copy of your personal data in a structured, commonly used, and machine-readable format.

To exercise these rights, please contact us via [email protected]. We will respond to your request in accordance with applicable legal timelines and requirements.

6. Security Measures

We implement a range of technical and organizational measures to protect your personal data, including:

– Encryption of data during transfer and storage using industry-standard protocols.
– Restriction of access to personal data to authorized personnel only.
– Routine security audits, vulnerability scanning, and intrusion detection.
– Regular employee training on data privacy and security protocols.
– System backups to ensure data availability and resilience in case of incidents.

7. International Transfers

We may transfer your data to affiliates, service providers, or partners located outside your jurisdiction, including outside the European Economic Area (EEA). Wherever such transfers occur, we ensure that an adequate level of protection is provided, commonly through the use of European Commission Standard Contractual Clauses or other approved mechanisms in accordance with applicable law.

8. Data Retention

We retain your personal data for no longer than necessary for the purposes for which it was collected. Retention periods are determined based on legal obligations, business needs, and your engagement with our services. The following timeframes generally apply:

– Usage Data: Retained up to 24 months for analytics and performance monitoring.
– Account and Profile Data: Retained for as long as the account remains active and up to 5 years after closure.
– Communication Data: Retained for up to 36 months for quality assurance and legal compliance.
– Transaction Data: Retained for 7 years for financial and accounting compliance.
– Preference Data: Retained until you update your preferences or withdraw consent.

9. Cookie Policy

Medi-Cost.com uses cookies and similar technologies to enhance your browsing experience and analyze site performance. Cookies used include:

– Essential Cookies: Required for the operation of the Website and core features such as account login and security.
– Functional Cookies: Enable personalized features such as language selection and saved preferences.
– Analytics Cookies: Collect aggregated data on user behavior to help improve the Website’s functionality.
– Performance Cookies: Track Website performance to deliver a better user experience over time.

10. Cookie Management & Compliance with Data Laws

You may manage your cookie preferences at any time using the cookie settings banner or through your browser controls. Medi-Cost.com complies with GDPR and CCPA requirements by:

– Obtaining user consent before placing non-essential cookies.
– Offering clear cookie preference interfaces.
– Responding to Do Not Track (DNT) and Global Privacy Control (GPC) signals where applicable.

For California users, your rights under CCPA include the right to opt out of the sale of your personal information. Medi-Cost does not sell personal data as defined under the CCPA.

11. Children’s Privacy

Our services are not directed to children under the age of 13. We do not knowingly collect personal data from children under 13. If we become aware that we have inadvertently received such data, we will delete it promptly. Parents or legal guardians who believe that Medi-Cost may have collected such information are encouraged to contact us at [email protected].

12. Policy Updates and User Notifications

This Privacy Policy may be updated periodically to reflect changes in our practices, legal obligations, or service offerings. Substantive updates will be communicated to you via the Website and/or direct email notifications where appropriate. Continued use of the Website constitutes your acceptance of any changes to this Policy.

13. Contact Information

If you have any questions regarding this Privacy Policy, your personal data, or wish to exercise your rights, please contact us at:

Email: [email protected]

Medi-Cost is committed to full compliance with data protection regulations including the GDPR and CCPA. We strive to ensure the safe, fair, and lawful processing of all personal data and encourage users to reach out to us at [email protected] with any privacy concerns or inquiries.