Privacy Policy

1. Introduction

At PathNestEgg (“we,” “us,” or “our”), accessible via pathnestegg.com, we are committed to safeguarding the privacy and personal data of our users. Protecting your information is paramount to our values and operations, and we are dedicated to maintaining the highest standards of privacy, transparency, and data protection in accordance with applicable privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you interact with our website and services.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all users and visitors of pathnestegg.com, including account holders, customers, and site viewers. PathNestEgg acts as the data controller for any personal data collected through our website. This means we determine the purposes and means of processing your personal information and are responsible for ensuring compliance with data protection regulations.

3. Categories of Data Processed

In the course of operating pathnestegg.com and providing our services, we may collect and process the following categories of personal data:

a. Usage Data
Information about how you interact with the website, including IP address, browser type, device type, referring URLs, time spent on pages, and browsing activity.

b. Account Data
Information provided when creating an account or making a purchase, including name, postal address, email address, and telephone number.

c. Profile Data
Preferences, transaction history, purchasing patterns, behavioral information, and responses to surveys or promotions.

d. Communication Data
Records of correspondence through email or contact forms, including support inquiries, feedback submissions, and customer service interactions.

e. Technical Data
Information obtained automatically from your device, such as operating system, device identifiers, and browser configurations used to access pathnestegg.com.

f. Transaction Data
Details collected during financial transactions, including payment method, billing address, shipping address, and order history.

g. Preference Data
Marketing consent details, communication preferences, product interests, and opt-in or opt-out selections.

4. Legal Bases for Processing

We process your personal data under the following lawful bases:

– Consent: Where you have provided affirmative consent, such as subscribing to marketing communications.
– Contract: Where processing is necessary to perform a contract to which you are a party, including order fulfillment and account management.
– Legal Obligation: Where we are required to comply with applicable laws and regulations.
– Legitimate Interests: Where processing is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. This includes site security, service improvement, and marketing analytics.

5. Your Rights

Subject to applicable laws, you have the following privacy rights:

– Right of Access: You may request a copy of your personal data processed by us.
– Right to Rectification: You may request corrections to inaccurate or incomplete personal information.
– Right to Erasure: You may request deletion of your personal data, subject to any legal obligations that prevent such deletion.
– Right to Restrict Processing: You may request that we restrict the use of your data under certain circumstances.
– Right to Data Portability: You may request that your personal data be transferred to another service provider in a structured, commonly used, machine-readable format.
– Right to Object: You have the right to object to the processing of your personal data based on legitimate interests or for direct marketing purposes.
– Right to Withdraw Consent: Where processing is based on your consent, you may withdraw that consent at any time.

To exercise any of these rights, please contact us at [email protected].

6. Security Measures

We implement robust security controls to protect your personal data, including:

– End-to-end encryption of sensitive transmissions
– Role-based access control and authentication mechanisms
– Regular system monitoring and vulnerability assessments
– Secure data storage and periodic integrity checks
– Staff training in data protection and privacy awareness
– Daily backups with secure storage to provide data resiliency

While no digital system is completely immune to risk, we strive to follow industry best practices to minimize security incidents and maintain the confidentiality of user data.

7. International Transfers

We may transfer your personal data to jurisdictions outside of your country of residence, including to parties located in non-EEA countries. In such cases, we will implement appropriate safeguards in compliance with GDPR and other regulations, such as applying the European Commission’s Standard Contractual Clauses or ensuring the recipient country has been recognized for adequate protection standards.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

– Usage Data: Retained for up to 12 months for analytics purposes
– Account Data: Retained as long as the account is active or as required by applicable law
– Profile Data and Communication Data: Retained for up to 36 months following last user interaction
– Transaction Data: Retained for up to 7 years for financial and audit compliance
– Preference Data: Retained until updated or withdrawn by the user

Upon expiration of relevant retention periods, data is securely deleted or anonymized.

9. Cookie Policy

We use cookies and related technologies on pathnestegg.com to enhance user experience and analyze website usage. Cookies fall into the following categories:

– Essential Cookies: Necessary for website function (e.g., session authentication).
– Functional Cookies: Enable enhanced functionality, such as remembering preferences.
– Analytics Cookies: Help us understand user engagement and improve functionality.
– Performance Cookies: Track load times and responsiveness for optimization.

See our dedicated Cookie Notice for detailed information on the types and purposes of each cookie.

10. Cookie Management and Consent

Upon your first visit to pathnestegg.com, you will be presented with a cookie banner requesting consent to non-essential cookies. You can manage or revoke consent at any time via our cookie settings or by adjusting your browser settings.

We comply with GDPR’s consent standard and honor “Do Not Sell My Personal Information” rights under the CCPA. We do not knowingly sell personal information.

11. Children’s Privacy

Our services are not directed to individuals under the age of 13. We do not knowingly collect personal data from children under 13 years of age. If we become aware that such information has been provided to us without verified parental consent, we will take appropriate steps to delete the data.

12. Policy Updates

We reserve the right to update or amend this Privacy Policy to reflect changes in our practices, technology, legal obligations, or business requirements. Any material changes will be communicated via prominent notices on pathnestegg.com, and applicable users may be notified through their registered email address.

You are encouraged to review this Privacy Policy periodically to stay informed of how we are protecting your data.

13. Contact Us

If you have any questions regarding this Privacy Policy or our data handling practices, or would like to exercise any of your rights under applicable law, please contact us at:

Email: [email protected]

We are committed to full compliance with all applicable privacy legislation, including GDPR and CCPA. If you have privacy-related concerns, we encourage you to reach out—we are here to help.