Privacy Policy for TokenFlowHQ
1. Introduction
TokenFlowHQ (“we,” “us,” “our”) is firmly committed to protecting the privacy and personal data of our users. This Privacy Policy outlines how we collect, use, disclose, and safeguard personal data when individuals use or interact with our website, available at tokenflowhq.com (the “Website”). We adhere to the highest standards of data protection and privacy in compliance with applicable laws and regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope and Data Controller
This Privacy Policy applies to all visitors, users, customers, and others who access or use the Website. For the purposes of data protection legislation, TokenFlowHQ is the data controller that determines the purposes and means of processing your personal data. If you have any concerns or questions regarding our data practices, please contact us at [email protected].
3. Categories of Personal Data We Process
We may collect and process the following categories of personal data:
a. Usage Data
Includes data about how you use our Website, such as your IP address, browser type, operating system, referring URLs, page view statistics, session data, and usage patterns.
b. Account Data
Includes identifying information you provide when creating an account or signing up for our services, such as your full name, email address, mailing address, phone number, and any login credentials.
c. Profile Data
Includes your preferences, purchase history, behavioral data, feedback, interests, and interactions with our services, newsletters, or product offerings.
d. Communication Data
Includes data you provide when you interact with us, including customer support inquiries, contact form submissions, service requests, or messaging history.
e. Technical Data
Includes technical device information such as device type, internet connection, hardware model, browser plug-ins, time zone settings, mobile network, and platform identifiers.
f. Transaction Data
Includes information relating to billing and payment (e.g., credit card details, transaction history), delivery details, and order details if you purchase a product or service via the Website.
g. Preference Data
Includes your consent and communication preferences, as well as information regarding your interests in specific services, products, or marketing content.
4. Legal Bases for Processing Personal Data
We process your personal data lawfully under one or more of the following legal bases:
– Performance of a Contract: When processing is necessary to fulfill our contractual obligations to you, including account management and order processing.
– Consent: Where you have given explicit consent for specific processing activities, such as receiving marketing emails or enabling non-essential cookies.
– Legitimate Interests: When processing is necessary for our legitimate interests, provided these interests are not overridden by your rights and freedoms (e.g., Website analytics, product security, fraud prevention).
– Legal Obligation: Where we are required by law to process certain personal data.
5. Your Rights Under Data Protection Law
Subject to applicable laws, you have the following rights:
– Right of Access: You may request access to your personal data held by us.
– Right of Rectification: You may request that incorrect or incomplete data be corrected or updated.
– Right to Erasure: You may request that we delete your personal data, subject to certain conditions.
– Right to Restriction: You may request that we restrict the processing of your personal data in certain circumstances.
– Right to Data Portability: You may request a copy of your personal data in a structured, commonly used, and machine-readable format.
– Right to Object: You may object to the processing of your personal data where processing is based on legitimate interest or for direct marketing purposes.
To exercise any of these rights, please contact us at [email protected].
6. Data Security Measures
We take appropriate technical and organizational measures to secure personal data against unauthorized access, loss, misuse, or alteration. Such measures include but are not limited to:
– Data encryption (in transit and at rest)
– Access controls with role-based permissions
– Firewalls and secure hosting environments
– Scheduled data backups and disaster recovery systems
– Employee training in data protection and confidentiality
7. International Transfers
In the course of providing our services, your personal data may be transferred to and processed in countries outside the European Economic Area (EEA) or your local jurisdiction. When such transfers occur, we ensure appropriate safeguards are in place, including reliance on Standard Contractual Clauses and regional adequacy decisions as authorized under GDPR and similar instruments under CCPA where applicable.
8. Data Retention
We retain your personal data only for as long as it is necessary to fulfill the purposes for which it was collected, including compliance with legal, tax, accounting, or reporting obligations. Data retention periods vary by category:
– Account Data: retained for the duration of the account and up to 6 years thereafter for compliance
– Communication and Support Data: retained for 3 years after last interaction
– Transaction Data: retained for legal and tax purposes up to 7 years
– Usage and Technical Data: retained for up to 18 months
– Marketing Consent Information: retained until you withdraw consent or actively unsubscribe
9. Cookie Policy
We use cookies and similar technologies on the Website to enhance user experience and collect analytical data. Our cookies fall into the following categories:
– Essential Cookies: Necessary for the Website to function properly (e.g., session cookies, authentication).
– Functional Cookies: Remember your preferences and choices.
– Analytics Cookies: Collect data to analyze how users interact with the Website, helping us improve performance.
– Performance Cookies: Track aggregated performance metrics and diagnose issues.
10. Cookie Management and Compliance
Upon visiting tokenflowhq.com, you will be presented with a cookie consent banner that enables you to accept or decline non-essential cookies. You may also adjust your settings through your browser or via our cookie preference center available on the Website. We comply with the GDPR’s consent requirements and support “Do Not Sell My Personal Information” rights under CCPA, where applicable.
11. Children’s Privacy
We do not knowingly collect personal data from children under the age of 13. If we become aware that we have unintentionally collected such personal data, we will delete it promptly in accordance with applicable law. Parents or guardians who are concerned that their child may have provided us with personal data should contact us immediately at [email protected].
12. Policy Updates
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational needs. We encourage you to review this Policy periodically. When significant changes are made to this Policy, we will notify you through appropriate means, which may include a prominent notice on the Website or direct communication via email.
13. Contact Us
If you have any questions, concerns, or complaints regarding this Privacy Policy or our data handling practices, please contact us at:
Email: [email protected]
Website: https://tokenflowhq.com
We are committed to upholding your privacy rights and ensuring full compliance with applicable data protection laws. If you have any privacy concerns, we encourage you to reach out to us directly.