Privacy Policy
1. Introduction
At ISIC Cards (“we,” “our,” or “us”), available at https://isiccards.com, we strongly value your right to privacy and are committed to protecting the personal data you share with us. This Privacy Policy outlines how we collect, use, disclose, and secure your information in compliance with applicable data protection laws, including the European Union’s General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
We view data protection not merely as a legal obligation, but as a cornerstone of trust between our users and our organization. Our commitment is to handle your information with transparency, care, and integrity.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users visiting or using the website isiccards.com and associated services. ISIC Cards acts as the “data controller” under the GDPR and as a “business” under the CCPA with respect to the personal data processed through our website and services.
For any questions regarding this policy, you may contact us at: [email protected].
3. Categories of Data We Collect and Process
We collect and process different categories of personal data in order to operate effectively and provide you with high-quality service. This includes:
a) Usage Data
Information about how you access and interact with our website, including but not limited to IP address, browser type, operating system, referring URLs, access times, and session metadata.
b) Account Data
Personal details you provide when registering or creating an account, such as your first and last name, email address, phone number, and residential or postal address.
c) Profile Data
Details related to your use of our services, preferences, behavior on the platform, past purchases, and saved card or application preferences.
d) Communication Data
Details of your communication with us such as support queries, customer service interactions, contact history, and any correspondence submitted via forms or email.
e) Technical Data
Information collected from the device you used to access our services, such as device identifiers, software and hardware parameters, browser settings, screen resolution, and network configuration.
f) Transaction Data
Details associated with payments and fulfillment, including billing information, delivery details, payment method, product orders, and transaction identifiers.
g) Preference Data
Marketing preferences, opt-in and opt-out choices, recorded consent for campaigns, and expressed interests relevant to our services and products.
4. Legal Bases for Processing
We process personal data in accordance with lawful bases as outlined below:
– Performance of Contract: To fulfill orders or provide services you have requested from us.
– Legitimate Interests: To operate our business efficiently, improve services, monitor usage trends, and ensure the security of our platform, provided such interests are not overridden by your rights.
– Consent: When you have given clear and explicit permission for us to process your data (e.g., subscribing to marketing emails).
– Legal Obligation: To comply with legal obligations, including tax, financial reporting, and information security regulations.
5. Your Rights
Subject to applicable laws under GDPR and CCPA, you have the following rights regarding your personal data:
– Right of Access: Obtain confirmation whether we process your data and request a copy of your information.
– Right to Rectification: Request correction of inaccurate or incomplete personal data.
– Right to Erasure: Request deletion of your personal information, subject to lawful retention exceptions.
– Right to Restrict Processing: Ask us to limit how we use your data in certain circumstances.
– Right to Data Portability: Receive your personal data in a structured, commonly used, and machine-readable format and transfer it to another controller.
– Right to Object: Object to our processing based on legitimate interest or direct marketing purposes.
– Right to Withdraw Consent: Revoke your consent at any time when processing is based on consent.
California residents also have the right under the CCPA to:
– Request disclosure of the categories and specific pieces of personal information we collect, use, and disclose.
– Opt-out of the sale or sharing of personal data (we do not sell your data).
– Exercise rights without discrimination.
To exercise any of these rights or obtain further information, please contact us at [email protected].
6. Security Measures
We implement appropriate organizational and technical measures to protect your personal data, including but not limited to:
– End-to-end encryption of sensitive data
– Secure HTTPS transmission
– Restricted access to data for authorized personnel
– Regular data backups and disaster recovery protocols
– Regular staff training in data protection best practices
7. International Transfers
When transferring personal data outside of the European Economic Area (EEA) or other jurisdictions with similar data protection laws, we implement appropriate safeguards including:
– Standard Contractual Clauses approved by the European Commission
– Verification of adequate data protection standards as required by law
– Additional technical and contractual measures to ensure data security during storage and transfer
8. Data Retention
We retain personal data only for as long as is necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law. Specific timeframes include:
– Account Data: As long as your account is active or until requested for deletion
– Transaction Data: Retained for up to 7 years for tax and accounting obligations
– Communication Data: Retained for up to 3 years after last correspondence
– Usage and Technical Data: Retained for up to 12 months for analytics and troubleshooting
– Marketing Consents and Preference Data: Retained until you withdraw your consent
9. Cookie Policy
ISIC Cards utilizes cookies and similar technologies to enhance the website experience, analyze usage, and deliver tailored content. Cookies used fall into the following categories:
– Essential Cookies: Required for website functionality (e.g., login, checkout)
– Functional Cookies: Enable enhanced functionality (e.g., remembering choices)
– Analytics Cookies: Collect statistical data to understand user interactions
– Performance Cookies: Monitor and improve website performance
10. Cookie Management and User Control
By default, only essential cookies are active. Upon your first visit to isiccards.com, a cookie banner allows you to give or deny consent for non-essential cookies. At any time, you can:
– Manage preferences through our cookie consent manager
– Adjust your browser settings to decline or delete cookies
– Withdraw previously granted cookie consent
As required by GDPR and CCPA, we respect Do Not Track signals and offer opt-out mechanisms where legally mandated.
11. Special Protections for Children Under 13
Our website and services are not directed to, or intended for, children under the age of 13. We do not knowingly collect personal data from children under the age of 13. If we become aware that we have inadvertently collected such data, we will take prompt steps to delete it from our servers.
Parents or legal guardians who become aware that a child has provided us with personal information may contact us at [email protected] for appropriate review and removal.
12. Policy Updates and User Notifications
We reserve the right to update, revise, or modify this Privacy Policy at any time, in accordance with applicable laws and to reflect changes in our operations. Material changes may be notified to users by prominently posting a notice on the website or sending notices via email.
We encourage you to review this Privacy Policy periodically to remain informed about how your data is protected.
13. Contact
For questions, concerns, or to exercise your data rights under this Privacy Policy, you may contact us at:
Email: [email protected]
Website: https://isiccards.com
Compliance Statement
We are fully committed to complying with all applicable data privacy laws, including the GDPR and CCPA. Your privacy matters, and we are here to ensure that your information is handled with the utmost respect and professionalism. Please do not hesitate to reach out with any questions or concerns regarding your personal data.