Privacy Policy
1. Introduction
At ott-one.com (“we,” “us,” or “our”), we are steadfastly committed to upholding your right to privacy and ensuring the protection of your personal data. Recognizing the importance of safeguarding your personal information, this Privacy Policy details how we collect, use, disclose, and protect data we obtain from users of our website. We value transparency, accountability, and compliance with current data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
By engaging with ott-one.com, you entrust us with essential information, and we are dedicated to processing it in a manner that respects your privacy rights and maintains your trust.
2. Scope of Policy and Data Controller
This Privacy Policy applies to all users of ott-one.com and governs how personal data is handled across our website and related communications. We act as the data controller for the personal information you provide or that we collect during your use of our services. As the data controller, we determine the purposes and means of processing your personal data.
For all inquiries regarding this Privacy Policy, or any concern related to data protection, please contact us at [email protected].
3. Categories of Data Processed
We may process the following categories of personal data where applicable:
a. Usage Data:
This includes technical information such as your IP address, browser type and version, device identifiers, time zone settings, referring URLs, pages visited, time spent on pages, and other diagnostic data collected through analytical tools to monitor website usage and performance.
b. Account Data:
Includes personal identifiers such as your full name, billing and shipping address, email address, phone number, and other information provided during account registration or as part of account maintenance.
c. Profile Data:
Refers to information about your interactions with ott-one.com, including purchase history, wish lists, preferences, product ratings, and any behavioral data collected to offer tailored offerings and content.
d. Communication Data:
Comprises the content and metadata associated with communications made via customer support inquiries, online chat, contact forms, and email correspondence with [email protected].
e. Technical Data:
Collected automatically through your interaction with our website, including device type, operating system, browser plug-in versions, screen resolution, and network-related diagnostics.
f. Transaction Data:
Consists of payment details, such as credit/debit card numbers (processed securely through third-party providers), bank account information, order history, invoice data, and delivery records.
g. Preference Data:
Includes your communication preferences, marketing consents, frequency of notifications, and interests in specific products or services as expressed through selections or inferred behavior.
4. Legal Bases for Processing
We rely on the following legal bases for processing your data in compliance with GDPR:
– Performance of a Contract: To fulfill our obligations where you enter into a contract with us—for example, to deliver products or provide customer service.
– Consent: For optional processing activities, such as email marketing, where we seek your explicit consent.
– Legitimate Interests: Where processing is necessary to pursue our legitimate business interests, such as preventing fraud, maintaining website security, or enhancing user experience, provided such interests are not overridden by your fundamental rights.
– Legal Obligation: Where we are required to process personal data to comply with legal or regulatory obligations.
For California residents, we do not sell personal data as defined under the CCPA and only process personal information for business purposes as allowed under the law.
5. Your Rights
Under applicable data protection laws, you may exercise the following rights:
– Right of Access: Request a copy of the personal data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your data, subject to legal or contractual constraints.
– Right to Restrict Processing: Ask us to restrict processing under certain conditions.
– Right to Data Portability: Receive your data in a structured, commonly used format and transmit it to another controller.
– Right to Object: Object to processing based on our legitimate interests or for direct marketing purposes.
– Right to Withdraw Consent: Withdraw any consent you have given for non-essential processing.
– Right Not to Be Discriminated Against: Ensure equal service and pricing regardless of any exercised rights under the CCPA.
To exercise any of these rights, contact us at [email protected]. We reserve the right to verify your identity before fulfilling your request.
6. Security Measures
We implement comprehensive technical and organizational measures to protect your personal data from loss, misuse, or unauthorized access. These include:
– Secure encryption (TLS/SSL) for data transmission.
– Access controls and authentication mechanisms restricting access to authorized personnel only.
– Routine data backups and secure storage protocols.
– Internal staff training on data protection and confidentiality.
Despite these efforts, no internet-based system is entirely immune to risks. Users are encouraged to ensure the security of their personal devices and accounts.
7. International Transfers
While our services are primarily based in the European Economic Area (EEA) and the United States, some personal data may be transferred to or accessed from jurisdictions outside your country of residence. Where this occurs, we ensure adequate safeguards are in place, such as Standard Contractual Clauses or reliance on service providers who comply with comparable privacy standards.
Our practices align with GDPR’s cross-border transfer obligations and CCPA’s requirements for handling personal information with diligence across jurisdictions.
8. Data Retention
We retain personal data only for as long as is necessary to fulfill the purposes for which it was collected, including:
– Usage Data: Retained up to 12 months for analytics purposes.
– Account Data: Stored as long as the user account remains active and for up to 7 years thereafter to comply with legal obligations.
– Transaction Data: Kept for 7 years for accounting and tax compliance.
– Communication Data: Retained for 3 years for quality control and customer history.
– Preference Data: Maintained while marketing consent is valid; deleted upon withdrawal of consent.
Once retention periods expire, data is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar technologies to enhance your experience on ott-one.com. Cookies fall into the following categories:
– Essential Cookies: Necessary for site functionality and cannot be disabled.
– Functional Cookies: Enable enhanced features like personalization.
– Analytics Cookies: Collect aggregated usage insights to improve site performance.
– Performance Cookies: Monitor technical operation to ensure smooth navigation.
10. Cookie Management and Compliance
In accordance with GDPR and CCPA, users are given the option to manage their cookie preferences upon first visit via a cookie banner. You may:
– Enable or disable non-essential cookies.
– Adjust consent settings at any time through your browser or site preferences.
– Choose “Do Not Sell My Personal Information” options if you are a California resident, even though we do not sell personal data.
By continuing to use our website after adjusting settings, you consent to our cookie practices in accordance with this policy.
11. Children’s Privacy
ott-one.com does not knowingly collect or solicit personal data from individuals under the age of 13. If you are a parent or guardian and become aware that your child has provided personal information to us, please contact us at [email protected]. We will promptly take appropriate steps to delete such information in accordance with applicable laws.
12. Policy Updates & User Notifications
We reserve the right to update or modify this Privacy Policy in response to legal developments, business needs, or enhancements to our services. When material changes are made, we will notify users through our website interface, email communications, or other appropriate means. Continued use of ott-one.com after such changes indicates your acceptance of the revised policy.
13. Contact
If you have any questions about this Privacy Policy, your personal data, or how we process it, please contact us via:
We are committed to maintaining full compliance with applicable data protection laws and welcome all privacy-related inquiries to ensure that your rights are respected and your information is handled responsibly.