Privacy Policy
1. Introduction
At ChattyPlay, we are deeply committed to safeguarding the privacy and personal data of our users. Your trust is of paramount importance to us, and we handle all personal information in accordance with the highest standards of security, transparency, and lawfulness. This Privacy Policy outlines how we collect, use, disclose, and protect your information when you interact with our website, chattyplay.com, and its associated services. Our practices fully comply with the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), among applicable regulations.
2. Scope of Policy and Role of Data Controller
This Privacy Policy applies to all data collected through your use of our website and associated services operated under chattyplay.com. For purposes of data protection laws, ChattyPlay acts as the “data controller” in relation to the collection and processing of your personal data. This means we determine the purposes and means by which your data is handled.
3. Categories of Data Processed
Throughout your interaction with our services, we may collect the following categories of personal information:
a. Usage Data
Includes information on how you use our website such as browser type, IP address, access logs, page visits, session duration, time zone settings, and referral sources.
b. Account Data
Information submitted when you create an account or otherwise register, including full name, address, phone number, and email address.
c. Profile Data
Details regarding your preferences, purchase history, engagement behavior, and activity within your account or profile.
d. Communication Data
Includes any messages, emails, or chat transcripts linked to customer support queries, contact forms, or other communication channels.
e. Technical Data
Information relating to the devices you use to access chattyplay.com (e.g., device identifiers, operating systems, browser configurations, hardware models, and application versions).
f. Transaction Data
Data about any purchases you make, including billing information, delivery addresses, and payment method details (note: payment processors may separately control this data).
g. Preference Data
Data regarding your marketing preferences, communication consents, and interest in specific products or services.
4. Legal Bases for Processing
Data is processed under one or more of the following grounds, as required by law:
– Consent: Where you have given clear affirmative consent for a specific purpose, such as receiving marketing materials.
– Contract: When processing is necessary to fulfill our obligations under a contract with you, such as delivering purchased goods.
– Legal Obligation: Where processing is required to comply with laws or regulatory directives.
– Legitimate Interests: Where we have a justifiable business reason for processing your data in a balanced and non-intrusive way, and where your rights do not override those interests. This includes analytics, website improvement, and fraud prevention.
5. Your Rights
In compliance with applicable data protection legislation, you have the right to:
– Access: Request a copy of the personal data we hold about you.
– Rectification: Request correction of inaccurate or incomplete personal information.
– Erasure: Request deletion of your data under certain lawful circumstances (“right to be forgotten”).
– Restriction: Limit certain uses of your information under defined conditions.
– Data Portability: Receive your data in structured, machine-readable format and request its transfer to another controller.
– Objection: Object to processing based on our legitimate interests or receive no direct marketing communications.
To exercise any of these rights or to make a data subject access request, please contact us at: [email protected].
6. Security Measures
The security of your data is a fundamental priority. We implement technical and organizational measures to protect information against unauthorized access, alteration, disclosure, or destruction. These include but are not limited to:
– Data encryption in transit and at rest
– Role-based access control and authentication
– Regular systems auditing and security reviews
– Secure data backups
– Staff training on privacy and security best practices
7. International Transfers
Where your personal data is transferred outside the European Economic Area (EEA) or other jurisdictions with data protection requirements, we ensure appropriate safeguards such as Standard Contractual Clauses approved by the European Commission or rely on adequacy decisions as applicable.
8. Data Retention
Personal data is retained only for as long as necessary for the purposes detailed herein:
– Account and Profile Data: retained for the duration of your account and a period of 6 years after account closure.
– Usage, Technical, and Transaction Data: retained for 3 years.
– Communication Data: retained for 2 years following the resolution of the enquiry.
– Preference Data: immediately updated or removed upon consent withdrawal or request.
Longer retention periods may apply where required by law or to establish, exercise, or defend legal claims.
9. Cookie Policy
Our website uses cookies to enhance your experience, analyze site traffic, and support key functionalities. We use:
– Essential Cookies: Necessary for website operation and cannot be switched off.
– Functional Cookies: Enable basic customizations like remembering your login or location.
– Analytics Cookies: Collect anonymous usage data to improve website performance.
– Performance Cookies: Measure system performance and user engagement behaviors.
10. Cookie Management and Compliance
Upon your first visit to chattyplay.com, you are presented with a cookie consent banner to manage your settings. Under GDPR and CCPA, you have the right to opt-in or opt-out of non-essential cookies at any time. You may modify your cookie preferences through your browser settings or our cookie consent manager available on our site.
For California residents, you may opt-out of the “sale” of personal information, as defined by CCPA, and request a “Do Not Sell My Personal Information” instruction via email.
11. Children’s Privacy
ChattyPlay does not knowingly collect, store, or process personal information from children under the age of 13. If we become aware that a child under 13 has submitted personal data without verifiable parental consent, we will take steps to delete that information without delay. Parents or legal guardians concerned that their child may have submitted personal data are encouraged to contact us.
12. Policy Updates
We reserve the right to amend this Privacy Policy to reflect changes in law, regulation, or business practices. Material changes will be notified to users through our website or via email where appropriate. Continued use of chattyplay.com following such modifications constitutes your acknowledgment and consent to the updated policy.
13. Contact Us
If you have any questions, concerns, or complaints regarding this Privacy Policy or our handling of your personal data, please contact:
Email: [email protected]
We are committed to upholding the privacy rights of all users and fully complying with applicable data protection regulations, including GDPR and CCPA. For all privacy-related inquiries, please contact us and we will respond promptly.