Privacy Policy
1. Introduction
At The Brain Chancery, accessible via thebrainchancery.com, we are firmly committed to safeguarding your privacy and protecting your personal data in full compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant privacy legislation. We recognize the trust you place in us and strive to ensure that your shared information is handled with transparency, integrity, and care.
2. Scope of Policy and Data Controller Role
This Privacy Policy governs the processing of personal data collected through thebrainchancery.com and associated services. For the purposes of the GDPR, The Brain Chancery is the data controller responsible for the collection and use of your personal data. If you are a California resident, this policy also provides disclosures and rights applicable to you under the CCPA.
3. Categories of Data Processed
We collect and process the following categories of personal data, depending on your interactions with thebrainchancery.com:
a. Usage Data
Includes information such as your IP address, browser type and version, pages visited, session duration, access times, and referring URLs. This data is collected automatically through cookies and other tracking technologies.
b. Account Data
Includes your full name, mailing address, email address, and phone number, as provided during registration, account setup, or purchases.
c. Profile Data
Comprises information such as your user preferences, shopping history, saved items, feedback, reviews, and behavioral insights derived from your use of the site.
d. Communication Data
Includes data from customer support interactions, inquiries submitted via forms or email, and records of correspondence with us.
e. Technical Data
Pertains to device identifiers, operating system and platform, browser plug-ins, system settings, and diagnostic technical logs.
f. Transaction Data
Encompasses payment details (processed securely via third-party providers), product order data, delivery information, billing records, and invoice histories.
g. Preference Data
Consists of marketing preferences, opt-in/out choices, areas of product interest, and consents provided for communications and promotional content.
4. Legal Bases for Processing
Under data protection laws, we rely on one or more of the following legal bases to process your personal data:
– Consent: Where you have explicitly agreed to our processing, such as opting in to marketing communications.
– Contractual Necessity: Where processing is required to fulfill a contract with you or to take preparatory steps at your request.
– Legal Obligation: When we are required to process data to comply with applicable laws or regulations.
– Legitimate Interests: Where processing is necessary to support our business interests (e.g., fraud prevention, information security, analytics), provided that such interests are not overridden by your data protection rights.
5. Your Data Protection Rights
Subject to applicable laws, you have the following rights regarding your personal data:
– Right of Access: To request a copy of the personal data we hold about you.
– Right to Rectification: To request corrections or updates to inaccurate or incomplete data.
– Right to Erasure: Also known as the “right to be forgotten,” to request deletion of personal data under permitted conditions.
– Right to Restriction: To request a temporary halt to processing under certain circumstances.
– Right to Data Portability: To obtain and reuse your personal data for your own purposes across different services.
– Right to Object: To object to processing based on legitimate interests or for direct marketing purposes.
To exercise any of these rights, please contact us via email at [email protected].
6. Security Measures
We implement robust technical and organizational measures to secure your personal data, including:
– End-to-end TLS/SSL encryption for data in transit
– Access restrictions using role-based authorization
– Frequent system updates and vulnerability monitoring
– Encrypted and redundant backups
– Regular security awareness training for staff and contractors
Despite our efforts, no internet-based transmission can ever be fully secure. You are encouraged to contact us if you suspect any unauthorized activity related to your data.
7. International Transfers
We may transfer your personal data to jurisdictions outside your country of residence, including to countries not deemed to provide an adequate level of data protection. In such cases, we rely on data transfer safeguards such as Standard Contractual Clauses (SCCs), Binding Corporate Rules, or other authorized mechanisms consistent with GDPR and regional laws.
By using the website, you acknowledge and consent to such international transfers in accordance with this policy.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal, regulatory, and contractual obligations. Typical retention durations include:
– Usage and Technical Data: up to 12 months
– Account and Profile Data: retained for the life of your account and up to 6 years afterward
– Transaction Data: retained for 7 years for tax and audit purposes
– Communication Data: 3 to 5 years to maintain service records
– Preference Data: retained until you update your preferences or withdraw consent
When data is no longer required, it is securely archived, anonymized, or deleted.
9. Cookie Policy
We use cookies and similar technologies on thebrainchancery.com for the following purposes:
– Essential Cookies: Necessary for the website’s core functionality, such as page navigation, account login, and checkout.
– Functional Cookies: Enhance user experience by remembering choices and preferences.
– Analytics Cookies: Help us understand visitor behavior through anonymized metrics, such as traffic sources and popular content.
– Performance Cookies: Monitor platform response time, error logs, and improve server performance.
10. Cookie Management and Compliance with GDPR & CCPA
Upon your first visit, we display a cookie banner that allows you to accept or manage cookie preferences in compliance with GDPR requirements. Likewise, California residents have the right to opt out of the “sale” or “sharing” of their personal data under the CCPA. We honor such choices via accessible links and interfaces.
You may also manage cookies through your browser settings by disabling or deleting stored data. However, disabling certain cookies may affect website functionality.
11. Special Protections for Children
Our services are not directed at, nor knowingly offered to, children under the age of 13. We do not knowingly collect or solicit personal data from minors. If we discover we have collected personal data from a child under 13 without verified parental consent, we will promptly delete the information. Parents or legal guardians who believe that we may have collected data from a minor can contact us promptly at [email protected].
12. Policy Updates and Notifications
We reserve the right to amend or revise this Privacy Policy periodically to maintain compliance with legal obligations and reflect changes in our services or data practices. Material policy modifications will be announced via notices on thebrainchancery.com or through direct contact using the communication means you have provided. Continued use of our services constitutes agreement with the current version of this policy.
13. Contact and Further Assistance
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
Email: [email protected]
Thank you for trusting The Brain Chancery. We are committed to maintaining privacy and regulatory compliance across our digital operations. Please do not hesitate to reach out with any concerns or rights-related inquiries.