Privacy Policy
1. Introduction
At Prosperity Waves HQ (accessible at prosperitywaveshq.com), we are deeply committed to protecting your personal data and upholding your rights to privacy and data security. This Privacy Policy outlines how we collect, process, store, and protect your information when you engage with our website, services, and communications. We respect your privacy and handle your data with transparency and accountability in accordance with globally recognized data protection standards.
2. Scope of This Policy and Data Controller Role
This Policy applies to all personal data collected through prosperitywaveshq.com and any related communications, platforms, or services controlled by us. For the purposes of applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), Prosperity Waves HQ is the “data controller” responsible for your personal data.
3. Categories of Data We Process
We may collect and process the following categories of personal data, including but not limited to:
a. Usage Data: Includes data about how you interact with our website, such as your browser type, IP address, device identifiers, referral URLs, time spent on pages, and session data.
b. Account Data: Includes name, email address, telephone number, billing address, and shipping address when you register an account or make a purchase.
c. Profile Data: Includes historical purchase records, saved items, user preferences, survey responses, and behavioral data derived from your interaction with our content and services.
d. Communication Data: Includes your correspondence with us via email, customer support tickets, contact forms, and chat services, including the metadata associated with such communications.
e. Technical Data: Includes information about the device used to access our platform, system configuration, operating system, browser versions, and other diagnostic data.
f. Transaction Data: Includes records of products purchased, payment method used, payment provider details (excluding full payment card information), delivery information, and other commerce-related data.
g. Preference Data: Includes your consent and non-consent for receiving marketing communications, newsletter preferences, and expressed interests in specific products or services.
4. Legal Bases for Processing Personal Data
Under applicable laws, we may process your personal data based on the following legal grounds:
– Consent: Where you have provided voluntary, specific, informed, and unambiguous consent to the processing of your data, such as signing up for newsletters or marketing emails.
– Contract: Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into such a contract.
– Legal Obligation: Where the processing is necessary for compliance with a legal obligation to which we are subject.
– Legitimate Interests: Where processing is necessary for the purposes of our legitimate interests, provided these are not overridden by your fundamental rights and freedoms. These interests include fraud prevention, analytics, product improvement, and website optimization.
5. Your Rights Under GDPR and CCPA
Depending on your jurisdiction, you may have the following rights in relation to your personal data:
– Right of Access: You may request a copy of the personal data we hold about you.
– Right to Rectification: You may request correction of inaccurate or incomplete data.
– Right to Erasure: You may request deletion of your personal data, subject to our lawful retention obligations.
– Right to Restriction: You may request us to suspend processing of your data in certain circumstances.
– Right to Data Portability: You may request to receive your data in a structured, commonly used, and machine-readable format for transfer to another controller.
– Right to Object (GDPR): You may object to processing based on legitimate interest or for direct marketing.
– Right to Non-Discrimination (CCPA): You have the right not to receive discriminatory treatment for exercising your privacy rights.
To exercise your rights, please contact us at [email protected].
6. Security Measures and Safeguards
We use a combination of organizational, technical, and administrative measures designed to protect your data, including:
– Data encryption in transit and at rest
– Secure access protocols and authentication controls
– Regular security auditing and testing
– Secure payment provider integrations
– Access restriction based on role and business necessity
– Mandatory training for staff handling personal data
– Robust backup and disaster recovery procedures
While no digital system is entirely infallible, we take every reasonable step to protect your personal data from unauthorized access, disclosure, loss, or misuse.
7. International Data Transfers
Your personal data may be stored and processed in countries outside your resident jurisdiction, including the United States and the European Economic Area. Where such transfers occur, we ensure adequate protections are in place, including:
– Use of Standard Contractual Clauses (SCCs) approved by the European Commission
– Data hosting in jurisdictions with adequacy decisions
– Binding internal policies applicable to our processors and sub-processors
– Continuous monitoring of legal developments regarding international data flow
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes outlined in this Policy, unless a longer retention period is required or allowed by law. Specifically:
– Usage and Technical Data: up to 12 months, for analytics and diagnostics
– Account and Profile Data: for the duration of the user’s account plus six months post-closure for audit and reconciliation
– Transaction Data: for 7 years, to comply with financial and tax regulations
– Communication Data: up to 24 months
– Marketing Preference Data: retained until opt-out
Data no longer required will be securely deleted or anonymized.
9. Cookie Policy
Our website uses cookies and similar technologies to enhance user experience, analyze performance, and deliver personalized services. Categories of cookies include:
a. Essential Cookies: Required for the website to function properly (e.g., session authentication, cart functionality)
b. Functional Cookies: Allow enhanced functionality and personalization
c. Analytics Cookies: Help us measure website traffic and user behavior
d. Performance Cookies: Track performance issues and optimize page loading
10. Cookie Management and Compliance
Upon your first visit and at intervals thereafter, you will be presented with a cookie notice requesting your consent for the use of non-essential cookies. You may:
– Accept all cookies
– Customize your selections
– Reject non-essential cookies
You can also manage your cookie preferences at any time via browser settings or by revisiting the cookie consent manager on prosperitywaveshq.com.
We adhere to GDPR standards for opt-in consent and to CCPA “Do Not Sell My Personal Information” provisions where applicable.
11. Children’s Privacy
Protecting the privacy of young users is especially important. Our services are not directed to children under the age of 13, and we do not knowingly collect personal data from them. If we become aware that we have inadvertently gathered data from a child, we will take immediate steps to delete such data.
Parents or guardians who believe their child may have provided information to us should contact us at [email protected].
12. Changes to This Policy
We reserve the right to update this Privacy Policy to reflect changes in legal obligations, practices, or services. Any material revisions will be posted on prosperitywaveshq.com. Continued use of our services after such updates signifies your agreement to the revised policy.
13. Contact Information
If you have any questions about this Privacy Policy, your rights, or how we handle personal data, please contact us:
Email: [email protected]
We are committed to protecting your privacy and complying with all applicable data protection laws. Your trust is important to us, and we welcome any inquiries or feedback regarding our data handling practices.