Privacy Policy
1. Introduction
At Corti Bros (https://cortibros.com), we are committed to safeguarding the privacy and data protection rights of our visitors, customers, and users. Your trust is of paramount importance to us, and we are dedicated to handling your personal information responsibly, securely, and in compliance with all applicable privacy and data protection regulations, including the European Union General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
This Privacy Policy describes how Corti Bros collects, uses, discloses, and protects your personal data when you access cortibros.com, engage with our services, or communicate with us.
2. Scope of the Policy and Data Controller Role
This Privacy Policy applies to all users of cortibros.com and related services.
Corti Bros acts as the Data Controller for the personal data that we collect from you. As the Data Controller, we determine the purposes and means of processing your personal information in accordance with applicable laws.
If you have questions about this policy or your data rights, you may contact us at [email protected].
3. Categories of Data Processed
We collect and process the following categories of personal data:
a. Usage Data
Includes details regarding how you interact with cortibros.com, such as IP address, browser type, browsing actions, session timestamps, and pages viewed.
b. Account Data
Includes personal information provided when you create or manage an account with us—your full name, billing/shipping address, email address, and telephone number.
c. Profile Data
Includes information related to your preferences, shopping history, wishlists, saved items, and demographic insights.
d. Communication Data
Includes the content of your communications with us (via forms, email, chat), including customer service and support requests, inquiries, and feedback history.
e. Technical Data
Includes data from your device or equipment when accessing cortibros.com: device type, operating system, browser settings, screen resolution, and other technical configurations.
f. Transaction Data
Includes purchase history, payment methods (limited and tokenized for security), delivery data, and invoice records.
g. Preference Data
Includes your choices regarding marketing communications, subscription preferences, loyalty program participation, frequency of contact, and product or service interest indicators.
4. Legal Bases for Processing
In accordance with GDPR and CCPA principles, Corti Bros processes personal data on the following lawful bases:
– Contractual Necessity: To fulfill our obligations when you make a purchase or register for an account.
– Legitimate Interests: To improve site functionality, enhance customer support, detect fraud, and personalize your experience.
– Consent: For optional uses such as marketing communications, cookies, and newsletters. You may withdraw your consent at any time.
– Legal Obligation: To comply with applicable laws, regulations, or governmental requests.
5. Your Rights
Under GDPR and CCPA, you have the following rights regarding your personal data:
– Right of Access: Request confirmation of whether your data is processed and obtain a copy.
– Right to Rectification: Submit corrections for any inaccurate or incomplete data.
– Right to Erasure: Request deletion of your data under certain legal conditions.
– Right to Restrict Processing: Temporarily limit use of your data if accuracy or legality is contested.
– Right to Data Portability: Receive your data in a structured, commonly used, machine-readable format.
– Right to Object: Challenge data processing based on our legitimate interests.
– Right to Opt-Out (for CCPA): California residents may opt out of the sale of personal data. Corti Bros does not sell personal data.
To exercise your rights, please submit a request to [email protected].
6. Security Measures
We implement rigorous technical and organizational safeguards to protect your data against unauthorized access, disclosure, alteration, or destruction. These include:
– Industry-standard encryption protocols (SSL/TLS)
– Role-based data access limitations
– Regularly updated firewalls and anti-malware software
– Secure data backup and disaster recovery procedures
– Regular employee privacy and security awareness training
These measures are designed to mitigate risk and ensure the confidentiality, integrity, and availability of your data.
7. International Data Transfers
If your data is transferred outside your region, we ensure such transfers comply with GDPR, CCPA, and other applicable laws by utilizing:
– Standard Contractual Clauses (SCCs) approved by the European Commission
– Data processing agreements with vendors
– Additional risk assessments and security guarantees
Our aim is to ensure that your personal information receives an equivalent level of protection regardless of the jurisdiction in which it is processed.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or to comply with legal, regulatory, or reporting obligations, detailed as follows:
– Usage Data: 12 months from collection
– Account Data: For the duration of your account plus 3 years
– Profile and Preference Data: Retained until revoked or inactive for 2 years
– Communication Data: Up to 3 years after final interaction
– Technical Data: Up to 12 months
– Transaction Data: Retained for 7 years in compliance with fiscal laws
Upon expiration of the retention period, your personal data is securely deleted or anonymized.
9. Cookie Policy
cortibros.com uses cookies and similar technologies to provide, secure, and enhance user experience. Our categories of cookies include:
– Essential Cookies: Required for website functionality, authentication, and security.
– Functional Cookies: Enable customization and site preferences.
– Performance Cookies: Measure website performance and loading times.
– Analytics Cookies: Track usage patterns and improve services (e.g., Google Analytics).
We do not use cookies to identify you personally without your consent.
10. Cookie Management and Compliance
Upon your first visit to cortibros.com, a banner allows you to manage your cookie preferences, in accordance with GDPR and CCPA requirements. You can adjust or revoke your cookie consents at any time through the “Cookie Settings” page on our website or through the settings in your browser.
You may also opt out of targeted advertising by visiting sites such as the Network Advertising Initiative (www.networkadvertising.org) or Digital Advertising Alliance (www.aboutads.info).
11. Children’s Privacy
We do not knowingly collect or process personal data from children under the age of 13. If we become aware that such data has been inadvertently collected, we will take immediate steps to delete the data in question. If you believe we may have collected information from a child under 13, please contact us at [email protected].
12. Policy Updates and Notifications
We may revise this Privacy Policy from time to time to reflect changes in technology, applicable law, or our practices. Whenever changes occur, we will update this page and, if significant, notify registered users via email or prominent on-site banners.
We encourage you to review this Privacy Policy periodically to stay informed.
13. Contact Us
If you have any questions about this Privacy Policy, your rights, or our practices at Corti Bros, please contact our privacy team at:
Email: [email protected]
Website: https://cortibros.com
We are committed to maintaining the highest standards of privacy protection and data ethics. Please reach out with any privacy-related concerns, and we will respond with diligence and respect for your rights.