Privacy Policy for WrkRiot
1. Introduction
At WrkRiot, accessible via wrkriot.com, we place the highest priority on your privacy and are committed to protecting your personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, use, disclose, store, and secure personal data obtained through your interactions with our website and associated services. Our goal is to ensure transparency and to uphold the principles of lawfulness, fairness, and accountability in the handling of all personal information.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of wrkriot.com and to all personal data collected via our website, email communications, support services, and other digital means in connection with our service offerings. WrkRiot is the data controller responsible for determining the purposes and manner of processing your personal data. As a data controller, we take full responsibility for the handling and protection of such data in accordance with the relevant legal frameworks.
3. Categories of Data Processed
We may collect and process the following categories of personal data:
a. Usage Data: Information such as IP address, browser type and version, device identifiers, language settings, pages visited, time spent on the site, and referral URLs. This data is collected automatically through cookies and similar technologies.
b. Account Data: Name, email address, postal address, phone number, and other identifying information voluntarily provided during account creation or updates.
c. Profile Data: User preferences, login history, purchase behavior, feedback, and other personalized information that informs our service customization.
d. Communication Data: Records of email correspondence, support inquiries, feedback forms, and any other communications between you and WrkRiot.
e. Technical Data: Device information including hardware model, operating system and version, browser configuration, screen resolution, and system diagnostics.
f. Transaction Data: Information related to payments and purchases, including billing details, order history, and fulfillment status.
g. Preference Data: Marketing communication preferences, interest selections, customer loyalty participation, and opt-in or opt-out records.
4. Legal Bases for Processing
WrkRiot processes your personal data based on one or more of the following legal grounds:
– Legitimate Interests: For improving website functionality, analytics, and marketing performance in ways that do not override your data protection rights.
– Contractual Necessity: When data processing is required to fulfill a contract with you or to take steps at your request before entering into a contract.
– Consent: For sending optional marketing communications and collecting data through cookies, where applicable.
– Legal Obligation: To comply with applicable laws, legal proceedings, or enforceable governmental requests.
5. Your Rights
Under GDPR and CCPA, you have the following rights concerning your personal data:
– Right of Access: Obtain confirmation and access to your data being processed.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of personal data where legally permissible.
– Right to Restriction: Limit the way we use your data in specific circumstances.
– Right to Data Portability: Receive a copy of your data in a structured, machine-readable format.
– Right to Object: Object to the processing of your data for direct marketing or legitimate interests.
– Right to Withdraw Consent: Withdraw consent at any time, without affecting prior lawful processing.
To exercise any of the above rights, please contact us at [email protected].
6. Security Measures
We implement robust organizational, technical, and administrative security measures to secure your personal data. These include, but are not limited to:
– Encryption of data in transit and at rest
– Multi-layered access control and authentication systems
– Routine security risk assessments and vulnerability scans
– Regular staff training on data protection and privacy compliance
– Real-time monitoring and regular integrity checks
– System backups and disaster recovery protocols
7. International Transfers
WrkRiot may transfer and process your personal data in countries other than your country of residence, including to jurisdictions with different data protection standards. Where such transfers occur, we ensure that adequate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, to uphold the level of protection required under GDPR and similar frameworks. For users in California, we comply with CCPA distinction requirements, ensuring your rights remain enforceable despite geographic location.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy, or as required by applicable law. Specific retention periods are as follows:
– Usage Data: Up to 12 months, unless aggregated for analytics.
– Account Data: Retained for the lifetime of the account plus 6 years after account closure.
– Profile Data: Retained for up to 3 years post last interaction.
– Communication Data: Retained for up to 24 months for customer service consistency.
– Technical Data: Retained for 12 months unless used for security logs.
– Transaction Data: Retained for 7 years for compliance with tax and financial reporting obligations.
– Preference Data: Maintained until you update or withdraw preferences.
9. Cookie Policy
WrkRiot uses cookies and similar technologies to enhance website functionality and user experience. The types of cookies we use include:
– Essential Cookies: Necessary for basic site operations such as authentication and session management.
– Functional Cookies: Enable enhancements like saved preferences and content personalization.
– Analytics Cookies: Collect aggregated demographic and usage data to help us improve functionality.
– Performance Cookies: Measure the responsiveness and efficiency of our pages and user journeys.
10. Cookie Management and Compliance with GDPR & CCPA
We comply with both GDPR and CCPA requirements for cookie use, including consent management mechanisms. Upon your first visit to wrkriot.com, you will be prompted to manage your cookie preferences through a cookie consent banner.
Under GDPR, you may opt-in or opt-out of different cookie categories except for essential cookies. Under CCPA, you have the right to opt-out of the sale of personal information, which may include third-party tracking cookies. You can modify your cookie preferences or withdraw consent at any time via our Cookie Settings tool available on our site.
11. Special Protections for Children Under 13
WrkRiot does not knowingly collect or solicit personal data from children under the age of 13. If we become aware that we have collected personal data from a child without verifiable parental consent, we will promptly delete such information from our records. Parents or legal guardians who believe we have collected data from a child under 13 may contact us at [email protected] to request data deletion or review.
12. Policy Updates and User Notifications
We reserve the right to amend this Privacy Policy from time to time in accordance with changes to our practices or relevant laws. Material changes will be communicated through appropriate channels, such as a notification on wrkriot.com or via direct email when appropriate. We encourage you to review this Privacy Policy periodically to stay informed of how your data is protected and used.
13. Contact Information
For any questions, requests, or concerns regarding this Privacy Policy, your personal data, or to exercise your data rights, please contact:
WrkRiot Privacy Officer
Email: [email protected]
We are committed to resolving all privacy-related concerns swiftly and transparently, in compliance with GDPR, CCPA, and other applicable data protection laws.