Privacy Policy

Privacy Policy

Third Eye Spiritual Practices (“Third Eye SP,” “we,” “our,” or “us”) recognizes the importance of protecting the privacy and personal data of users of our website, thirdeyesp.com (the “Website”). We are committed to maintaining the confidentiality, integrity, and security of your personal information in accordance with applicable data protection regulations, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).

This Privacy Policy outlines how we collect, use, disclose, and protect your data, along with your rights and choices regarding your personal information.

1. Commitment to Privacy and Data Protection

We are committed to respecting and safeguarding your privacy and the protection of your personal information. Our practices are designed to ensure full transparency in how we collect and handle your data, and we employ high standards of security in processing such information. This Privacy Policy reflects our adherence to applicable privacy laws and our belief that your data should only be used in ways that are secure, fair, and beneficial to you.

2. Scope of This Policy and Our Role as Data Controller

This Privacy Policy applies to all personal data collected, processed, and stored through our Website, thirdeyesp.com. For the purposes of the GDPR, Third Eye Spiritual Practices is the data controller of any personal data collected through or in connection with the Website. As data controller, we determine the purpose and means by which your personal data is processed and take full responsibility for its protection and appropriate use.

3. Categories of Personal Data Processed

We collect and process various categories of personal data depending on your interaction with our Website and services:

a) Usage Data:
Includes information such as your IP address, browser type and version, time zone settings, referring URLs, pages viewed, time spent on pages, and other diagnostic data collected via analytics.

b) Account Data:
Includes personal identifiers submitted by you, including your name, mailing address, email address, and telephone number when registering for an account or completing a checkout form.

c) Profile Data:
Includes information you submit or that is generated through your interactions with our Website, such as purchase history, service preferences, login history, and behavior on the Website.

d) Communication Data:
Includes data from communications with us, such as support tickets, email conversations, and other correspondence whether via contact forms or direct emails.

e) Technical Data:
Includes data about the devices used to access the Website, including device model, operating system, hardware settings, browser plug-in types and versions, and system configurations.

f) Transaction Data:
Includes information relating to purchases, such as billing address, shipping address, order details, and partial payment data. We use third-party payment processors and do not store full payment card information.

g) Preference Data:
Includes your communication preferences, such as email marketing opt-in status, your interests regarding products and services, and any other consents or choices you provide to us.

4. Legal Bases for Processing Personal Data

We process personal data under the following legal bases, pursuant to Article 6 of the GDPR:

– Consent: We will process your personal data where you have clearly consented to such processing for specific purposes (e.g., email marketing).
– Contract: We may process your data as necessary to fulfill contractual obligations with you (e.g., processing product orders).
– Legitimate Interest: We may process your data where it is necessary to further our legitimate business interests, provided that such interests are not overridden by your rights (e.g., analysis for improving services).
– Legal Obligation: We may process your data where necessary to comply with a legal or regulatory obligation (e.g., keeping financial records).

Where required by CCPA, we do not sell your personal information as defined under California law.

5. Your Rights

Subject to certain limitations, you have the following rights under the GDPR and CCPA:

– Right of Access: You may request access to the personal data we hold about you.
– Right of Rectification: You may request that inaccurate or incomplete data be corrected.
– Right of Deletion: You may request deletion of your personal data, subject to certain legal obligations.
– Right to Restrict Processing: You may request temporary suspension of processing in certain circumstances.
– Right to Data Portability: You may request to receive your personal data in a structured, commonly used, and machine-readable format.
– Right to Object: You may object to certain forms of processing, including direct marketing.
– Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.
– Right Not to Be Discriminated Against: Under CCPA, you have the right to equal service and price, even if you exercise your privacy rights.

To exercise any of these rights, please contact us at [email protected].

6. Security Measures

We implement a broad range of administrative, technical, and physical safeguards to ensure the security of your personal data. These include, but are not limited to:

– Encryption during data transit and at rest
– Role-based access controls
– Secure server environments and firewalls
– Routine security assessments and authorized audits
– Staff training on data privacy and secure handling practices
– Regular data backups and disaster recovery plans

While we take all reasonable precautions, no security systems are entirely foolproof. Users should also take care to protect their account credentials and personal information.

7. International Data Transfers

We may transfer personal data to jurisdictions outside of your country of residence for processing and storage, including to servers located in the United States or other jurisdictions with differing data protection laws. Where such transfers occur, we ensure that appropriate safeguards are in place, such as European Commission Standard Contractual Clauses or equivalent mechanisms that guarantee data protection standards consistent with those of the EU.

8. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected or as required to comply with legal, contractual or audit obligations. General retention periods include:

– Usage and technical data: 12 months
– Account data: Until account deletion and up to 6 years thereafter as required under financial regulations
– Profile and transaction data: 6 years for legal and tax purposes
– Communication and support data: 2 years from final interaction
– Preference and consent records: Maintained for a minimum of 5 years

Upon expiry of the applicable retention periods, personal data is securely deleted or anonymized.

9. Cookie Policy

We use cookies and similar technologies on thirdeyesp.com to enhance your browsing experience and gather analytical data. The categories of cookies used include:

– Essential Cookies: Required for core functionality, security, and network management.
– Functional Cookies: Enable tailored user experience through remembering preferences and login states.
– Analytical Cookies: Help us understand how users interact with our Website for performance monitoring and site improvement.
– Performance Cookies: Enable us to analyze aggregated user engagement and load performance.

10. Cookie Management and Legal Compliance

Upon your initial visit to thirdeyesp.com, you will be presented with a cookie notice that allows you to accept or manage your preferences in accordance with GDPR and CCPA requirements. You may withdraw or modify your consent at any time through the cookie settings feature or by adjusting your browser configuration.

Do Not Track: Our Website does not currently respond to “Do Not Track” browser signals or similar mechanisms under CCPA.

11. Children’s Privacy

Thirdeyesp.com is not directed toward children under the age of 13, and we do not knowingly collect personal data from such individuals. If you are a parent or guardian and believe your child has submitted personal data to us, please contact us immediately at [email protected]. We will promptly take steps to delete the information upon verification.

12. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy at any time to reflect changes in legal obligations, services, or data processing practices. When material changes are made, we will notify users through appropriate means, including but not limited to, posting a notice on the Website or contacting you directly, where required by law.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

13. Contact Us

If you have any questions, concerns, or requests related to this Privacy Policy or your personal data, please contact us at:

Email: [email protected]

We are fully committed to complying with all applicable data protection laws, including GDPR and CCPA. For any privacy-related inquiries or to exercise your rights, please do not hesitate to contact us.