Privacy Policy
1. Introduction
At No Ifs No Buts (referred to herein as “we,” “us,” or “our”), accessible via no-ifs-no-buts.com (hereinafter referred to as the “Website”), we are firmly committed to protecting the privacy and personal data of our users and complying with all applicable data protection laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”). We champion a privacy-first culture and take great care in safeguarding the information you entrust to us.
This Privacy Policy details the types of personal data we collect, how we process it, the legal grounds on which we rely, and how you can exercise your rights in relation to your data.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of the Website and any services offered through it. No Ifs No Buts acts as the “data controller” under applicable privacy laws—meaning we determine the purposes for which, and the manner in which, your personal data is processed. If you have any questions, concerns, or requests regarding your data, please contact us at [email protected].
3. Categories of Data We Process
We may collect and process the following categories of personal data:
a. Usage Data
Information about how you use our Website, including browser type, IP address, time zone, referral URLs, and activity during a session (pages visited, clicks, scrolls, etc.).
b. Account Data
Data provided during registration or when setting up a user account, including your full name, email address, telephone number, billing address, shipping address, and account credentials.
c. Profile Data
Details such as preferences, past purchases, browsing behavior, wishlists, saved items, and interests relevant to your experience with our Website.
d. Communication Data
Information contained in your communications with us, including correspondence submitted via forms, emails, live chat, support tickets, or any other means.
e. Technical Data
Device identifiers, operating system, browser version, screen resolution, preferred language, and system configuration details that help us optimize your experience.
f. Transaction Data
Details related to any purchases or orders processed via our Website, including payment method, billing verification, delivery address, and timestamps.
g. Preference Data
Marketing communication preferences, opt-in/out statuses, product interest lists, and consent records related to cookies, email subscriptions, and notifications.
4. Legal Bases for Processing Personal Data
We process personal data based on the following lawful grounds under GDPR and similar principles under CCPA:
– Consent: Where you have given us clear, affirmative permission to process your data for a specific purpose (e.g., newsletter subscriptions, cookies).
– Contractual Necessity: To fulfill the terms of a contract with you, such as completing transactions or providing customer support.
– Legitimate Interests: Where processing is necessary for our legitimate business interests and not overridden by your data protection interests or fundamental rights.
– Legal Obligation: Where processing is required to comply with applicable legal or regulatory obligations.
5. Your Rights
You have the following rights under GDPR and, where applicable, CCPA:
– Right of Access: Request a copy of the personal data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your personal data, subject to legal or contractual constraints.
– Right to Restriction of Processing: Ask us to limit processing of your data in certain circumstances.
– Right to Data Portability: Ask for your data in a structured, machine-readable format where processing is based on consent or contract.
– Right to Object: Object to processing based on legitimate interests, including profiling.
– Right to Withdraw Consent: Withdraw previously granted consent at any time without affecting the legality of processing based on consent before withdrawal.
– Right Not to Be Subject to Automated Decision-Making: You have the right not to be subject to decisions based solely on automated processing.
To exercise any of these rights, please contact us at [email protected]. We may require verification of your identity for security purposes.
6. Security Measures
We implement robust physical, administrative, and technical safeguards to ensure the confidentiality, integrity, and availability of personal data. These include, but are not limited to:
– End-to-end encryption of data in transit (TLS/SSL)
– Encryption of sensitive data at rest using industry-standard algorithms
– Strict access control mechanisms, with role-based permissions
– Regular data backups and redundancy systems
– Staff training on data protection principles and security awareness
– Regular audits and vulnerability assessments
7. International Data Transfers
Where your data is transferred outside of your country of residence, including transfers to jurisdictions that may not provide the same level of data protection as your own, we take steps to ensure that appropriate safeguards are in place. These include the use of Standard Contractual Clauses approved by the European Commission and similar instruments under applicable law to ensure your data remains protected.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or to comply with legal, regulatory, or accounting requirements. Retention periods vary by data category:
– Usage & Technical Data: Up to 12 months for analytics and troubleshooting
– Account & Profile Data: Retained while your account is active and for up to 6 years thereafter for auditing and compliance
– Communication Data: Retained for 3 years from date of last interaction
– Transaction Data: Retained for 7 years for tax and legal purposes
– Preference Data: Retained until updated or consent is withdrawn
9. Cookie Policy
We use cookies and similar tracking technologies to enhance user experience, enable website functionality, and analyze site traffic.
Types of cookies we set:
– Essential Cookies: Required for essential site functionality, such as account login, shopping cart, and payments.
– Functional Cookies: Remember user preferences, locale, and settings to personalize your experience.
– Analytics Cookies: Collect aggregated data to help us understand user behavior and improve our services.
– Performance Cookies: Monitor site performance and help us detect and fix bugs or usability issues.
10. Cookie Management and User Control
In compliance with GDPR and CCPA, we provide users with the ability to manage cookie preferences via the cookie consent banner and settings tool available upon visiting our Website. You may also control or delete cookies through your browser settings. Disabling certain cookies may impact the functionality of specific services or features.
11. Children’s Privacy
Our Website is not directed at, and we do not knowingly collect personal data from, children under the age of 13. If we become aware that a child under 13 has provided personal information without parental consent, we will take immediate steps to delete such information. If you believe we may have collected information from a child under 13, please contact us at [email protected].
12. Changes to This Policy
We reserve the right to update or amend this Privacy Policy as our services evolve or regulatory requirements change. Material changes to this policy will be communicated via the Website, and where required by law, we will seek your consent for such changes. We recommend you periodically review this page to stay informed.
13. Contact Us
If you have questions about this Privacy Policy, our data handling practices, or would like to submit a data request or complaint, you may contact us at:
Email: [email protected]
Website: https://no-ifs-no-buts.com
We are committed to full compliance with applicable privacy regulations and will respond to all inquiries and requests promptly and respectfully.