Privacy Policy for Yumespo.com
1. Introduction
At yumespo.com (“Yumespo,” “we,” “us,” or “our”), we are committed to safeguarding the privacy and protecting the personal data of all individuals who interact with our website and services. This Privacy Policy outlines how we collect, use, store, and protect your personal information in compliance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws. We approach data handling with a privacy-first philosophy and aim to be fully transparent in our practices.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all visitors, users, and others who access yumespo.com. Yumespo acts as the data controller for the personal data collected and processed in the operation of our website and services. This means we determine the purposes and means of processing your personal data.
If you have any concerns or questions about our data processing activities, you can contact us at [email protected].
3. Categories of Data We Process
We collect and process the following categories of personal data to provide, maintain, and improve our services and to fulfill contractual and legal obligations:
a. Usage Data
– Browser type and version
– IP address
– Device identifiers
– Date and time of visits
– Referring site or platform
– Pages viewed and session duration
b. Account Data
– Full name
– Email address
– Mailing and/or billing address
– Phone number
c. Profile Data
– Purchase history
– Product or service preferences
– Behavioral data derived from interactions with our site or marketing materials
d. Communication Data
– Customer service inquiries
– Satisfaction surveys
– Help desk correspondence
– Communications via contact forms or emails
e. Technical Data
– Device type and brand
– Operating system and system configuration
– Browser configuration and language settings
f. Transaction Data
– Payment method (tokenized; not stored in full)
– Order history
– Shipping or fulfillment information
g. Preference Data
– Marketing channel opt-ins
– Product interest indicators
– Notification and communication preferences
4. Legal Bases for Processing
We rely on the following lawful bases to collect and process your personal data, depending on the nature of the interaction:
– Consent: For example, when you agree to receive newsletters or marketing communications.
– Performance of a contract: To provide services or process transactions initiated by you.
– Compliance with legal obligations: To comply with accounting, taxation, or data protection requirements.
– Legitimate interests: To improve the user experience, prevent fraud, and ensure website functionality—balanced against individual rights and freedoms.
5. Your Rights
Under the GDPR and applicable U.S. privacy laws, you have the following rights with respect to your personal data:
– Right of Access: You may request a copy of the personal data we hold about you.
– Right to Rectification: You can ask us to correct inaccurate or incomplete personal information.
– Right to Erasure: You may request the deletion of personal data under certain circumstances.
– Right to Restrict Processing: You have the right to request a processing restriction in specific situations.
– Right to Data Portability: You may obtain a digital copy of your personal data in a structured, commonly used format.
To exercise any of these rights, please contact us at [email protected]. We may require verification of identity before fulfilling such requests.
6. Security Measures
We implement robust security measures to protect your personal data, including:
– Encryption of data in transit using HTTPS and relevant protocols.
– Secure access controls and user authentication to restrict internal access.
– Routine backups and recovery plans to prevent data loss.
– Employee awareness and training programs on data privacy and protection.
Despite these safeguards, no electronic transmission or storage method is entirely secure, and we urge you to take appropriate personal precautions when transmitting data online.
7. International Transfers
Your data may be stored or processed outside of your country of residence, including in countries that may not offer the same level of data protection as your jurisdiction. When transferring data internationally, Yumespo ensures that appropriate safeguards are in place, including the execution of Standard Contractual Clauses (SCCs) as approved by the European Commission and adherence to applicable regional requirements.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including any legal, regulatory, accounting, or reporting requirements:
– Usage Data: 26 months from date of collection
– Account Data: Duration of the user relationship + 6 years
– Profile and Preference Data: Updated periodically based on user activity; deletion upon user request
– Transaction Data: 7 years for tax and regulatory compliance
– Communication Data: 3 years post-interaction
– Technical Data: 12 months for system optimization
9. Cookie Policy
Yumespo.com uses cookies and similar technologies to enhance and personalize your experience. These small data files are stored on your device and categorize as follows:
– Essential Cookies: Necessary for site functionality (e.g., login sessions, shopping cart).
– Functional Cookies: Enable site enhancements such as remembering preferences.
– Analytics Cookies: Collect data on how users interact with our site to help improve performance.
– Performance Cookies: Assess the technical performance and reliability of the site.
10. Cookie Management & GDPR/CCPA Compliance
When you first visit yumespo.com, you will be given the option to accept or customize cookie preferences. You can update your consent preferences at any time by accessing your browser settings or using the cookie management tools available on our site.
Under GDPR and CCPA, Californian and EU individuals have the right to:
– Opt out of non-essential cookies.
– Access information about how cookies are used.
– Withdraw consent at any time.
Certain essential cookies cannot be declined as they are required for the proper operation of the site.
11. Protection of Children’s Data
Yumespo.com services are not directed toward children under the age of 13. We do not knowingly collect personal data from individuals under this age. If we become aware that a minor’s data has been collected in error, we will take reasonable steps to delete such data as soon as possible. Parents or guardians who believe their child may have submitted personal data may contact us directly at [email protected].
12. Policy Updates and Notifications
This Privacy Policy may be updated from time to time to reflect changes to our practices, legal requirements, or for other operational purposes. Any material changes will be clearly communicated on our website and/or via direct communication channels where appropriate. We encourage you to review this policy periodically to stay informed.
13. Contacting Us
If you have questions about this Privacy Policy or our data handling practices, please contact:
Email: [email protected]
Website: https://yumespo.com
We are committed to maintaining transparency, accountability, and compliance with global data protection frameworks. Your privacy is important to us, and we will promptly address any privacy-related inquiries or concerns.