Privacy Policy
1. Introduction
At Pacific Arc (the “Company,” “we,” “us,” or “our”), accessible via pacific-arc.com (the “Website”), we are committed to protecting your privacy and ensuring the confidentiality and security of your personal data. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal information in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
We value transparency and strive to uphold a privacy-first approach in all our data handling activities.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users and visitors of pacific-arc.com, as well as any data collected or processed through our services, communications, or business operations.
For the purposes of the GDPR and relevant data protection laws, the data controller responsible for your personal data is Pacific Arc, which determines the means and purposes of processing personal information collected via pacific-arc.com.
If you are a California resident, this Policy incorporates your rights under the CCPA.
3. Categories of Data We Process
We may collect and process the following categories of personal data:
a. Usage Data
Includes information about how you use pacific-arc.com and interact with our digital properties. This includes browser type and version, IP address, timestamps, page visits, session duration, and referring URLs.
b. Account Data
Information provided when you create an account or interact with us online or offline, including your full name, mailing address, email address, and telephone number.
c. Profile Data
Information associated with user preferences, shopping behavior, purchase history, wish lists, feedback, and settings configured on pacific-arc.com.
d. Communication Data
Records of your communication with us, such as customer support inquiries, email correspondence, and online chat history.
e. Technical Data
Device identifiers, system configurations, platform type, network information, and software diagnostics generated during your use of the Website.
f. Transaction Data
Details related to purchases and transactions including billing information, payment card details (processed securely via third parties), shipping addresses, and fulfillment records.
g. Preference Data
Marketing preferences, consent statuses, survey participations, product interests, and responses to promotions or newsletters.
4. Legal Bases for Processing
We process your personal data only where we have a valid legal basis to do so. These include:
– Consent: Where you have explicitly consented to the processing of your data (e.g., for email marketing).
– Contractual necessity: Where processing is required for the performance of a contract, such as fulfilling an order.
– Legitimate Interest: Where processing is necessary for our legitimate business interests, such as service improvement, fraud prevention, and analytics, provided your rights do not override these interests.
– Legal Obligation: Where processing is required to comply with applicable laws and regulations.
5. Your Rights
You are entitled to exercise certain rights regarding the personal data we process about you. These rights include:
– Right of Access: Obtain confirmation on whether we process your personal data and receive a copy.
– Right to Rectification: Request corrections to inaccurate or incomplete personal data.
– Right to Erasure (Right to be Forgotten): Request deletion of your personal data under certain circumstances.
– Right to Restriction: Pause the processing of your data if contested or no longer necessary.
– Right to Data Portability: Receive structured data formats and request data transfer to another entity.
– Right to Object: Object to direct marketing or processing based on legitimate interest.
– Right Not to Be Discriminated Against (CCPA): You will not face adverse treatment for exercising your privacy rights.
To make requests related to these rights, please contact us at [email protected].
6. Security Measures
We implement robust organizational and technical measures to protect your personal data, including but not limited to:
– End-to-end encryption for sensitive transfers
– Role-based access control and authentication protocols
– Regular data backups and disaster recovery strategies
– Staff training on data protection and best practices
– Physical and digital safeguards against unauthorized access or disclosure
7. International Transfers
If your personal data is transferred outside the European Economic Area (EEA) or California, we ensure such transfers comply with applicable data protection laws, including the use of Standard Contractual Clauses (SCCs) approved by the European Commission and adherence to regional adequacy decisions or data protection certifications.
8. Data Retention
We retain personal information for only as long as necessary for the purposes for which it was collected, or as required by law. Retention periods include:
– Usage and Technical Data: up to 24 months
– Account and Profile Data: for the duration of the account and 7 years thereafter
– Communication and Support Data: retained for 5 years
– Transaction Data: retained for at least 7 years for accounting compliance
– Preference and Marketing Data: for as long as a marketing preference is active or until consent is withdrawn
Data no longer needed is securely deleted or anonymized.
9. Cookie Policy
Cookies are small text files stored on your device when you visit pacific-arc.com. Our Website uses the following types of cookies:
– Essential Cookies: Necessary for the operation of the Website (e.g., cart management, session logins).
– Functional Cookies: Enhance user experience and remember preferences.
– Performance Cookies: Collect data about Website usage to help improve functionality.
– Analytics Cookies: Help us analyze traffic and user behavior through tools such as Google Analytics.
These cookies may collect data identifiers such as IP addresses, device information, and usage patterns.
10. Cookie Management and Compliance
Upon first visit to pacific-arc.com, you are presented with a cookie banner allowing you to manage your preferences in accordance with GDPR and CCPA. You have the right to:
– Accept or reject non-essential cookies
– Withdraw consent at any time
– Manage settings within your browser to delete or block cookies
By continuing to use our Website without adjusting settings, you consent to the use of essential and any previously accepted cookies.
11. Children’s Privacy
pacific-arc.com is not directed toward children under the age of 13, and we do not knowingly collect or solicit personal data from minors. If we discover that such data has been collected without verifiable parental consent, we will take prompt steps to securely delete it.
If you believe we may have inadvertently collected data from a child under 13, please contact us at [email protected].
12. Policy Updates and User Notifications
We reserve the right to modify or revise this Privacy Policy at any time. Material changes will be communicated via prominent notice on pacific-arc.com or directly via email where appropriate and permitted. Your continued use of our services indicates acceptance of the revised terms.
We encourage users to periodically review this Privacy Policy to remain informed of our data practices.
13. Contact
For questions, concerns, or to exercise your data rights in relation to this Privacy Policy, please contact us at:
Email: [email protected]
Website: https://www.pacific-arc.com
We are fully committed to complying with global data privacy regulations and ensuring that your privacy is respected and protected. Please reach out with any privacy-related inquiries, and we will respond promptly and transparently.