Privacy Policy for Tribe of Zero
1. Introduction
Tribe of Zero (“we,” “us,” or “our”) is fully committed to protecting the privacy and personal data of all visitors, users, and customers. Data protection and transparency are essential to our operations and values, and we uphold the principles of privacy by design and default. This Privacy Policy outlines how we collect, use, store, and safeguard your personal information in accordance with applicable data protection legislation, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
By accessing, browsing, or using services provided by tribeofzero.com (the “Website”), you acknowledge and agree to the practices described in this Privacy Policy.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data collected and processed through tribeofzero.com. Tribe of Zero is the data controller for the purposes of applicable data protection laws. As the data controller, we are responsible for determining how and why personal data is processed and ensuring that such processing is carried out in compliance with the law.
3. Categories of Data Processed
We may collect and process the following categories of personal data, depending on your interactions with our Website and services:
– Usage Data: includes data about your interactions with our Website, such as IP address, browser type, pages visited, session duration, referring URLs, and other diagnostic data.
– Account Data: includes contact information such as name, address, email address, and phone number provided when creating an account or placing an order.
– Profile Data: includes your preferences, purchase history, behavioral trends, interests, and activities within the Website.
– Communication Data: includes records of your correspondence with us, including messages sent through our contact forms, customer support tickets, email interactions, and other communications.
– Technical Data: includes data from the devices and configurations used to access our Website, such as device type, operating system, language settings, time zone, and browser settings.
– Transaction Data: includes details about purchases or orders made through the Website, including payment method, order history, shipping address, and billing details.
– Preference Data: includes your marketing communication preferences, responses to surveys, and product interests.
4. Legal Bases for Processing
We rely on the following lawful bases to process your personal data:
– Consent: where you have provided explicit permission for us to process your data for specific purposes, such as receiving newsletters or marketing messages.
– Contractual Necessity: when processing is required to fulfill our contractual obligations to you, including providing requested services, processing transactions, and responding to inquiries.
– Legitimate Interests: where processing is necessary for our legitimate business interests, such as improving Website functionality, ensuring security, and optimizing user experience, and where these interests do not override your fundamental rights.
– Legal Obligation: where processing is necessary to comply with laws, regulations, or court orders.
5. Your Rights
Under the GDPR and CCPA, you have specific rights regarding your personal data, including:
– Right of Access: the right to request access to the personal data we hold about you.
– Right to Rectification: the right to request that inaccuracies in your data be corrected or updated.
– Right to Erasure: the right to request deletion of your personal data, subject to certain legal exceptions.
– Right to Restriction: the right to request that we temporarily suspend processing of your personal data under specific conditions.
– Right to Data Portability: the right to request a copy of your personal data in a structured, commonly used, and machine-readable format to transfer it to another provider.
To exercise any of the above rights, you may contact us at [email protected]. We will respond to your request in accordance with applicable data protection laws.
6. Security Measures
We implement a range of technical and organizational measures to ensure the confidentiality, integrity, and availability of your personal data. These measures include:
– End-to-end encryption of data transmissions
– Secure access controls and authentication mechanisms
– Regular data backups and disaster recovery protocols
– Staff training on data protection and privacy best practices
– Implementation of firewalls and intrusion detection systems
While no system can guarantee complete security, we maintain industry-standard safeguards to protect data from unauthorized access, alteration, or disclosure.
7. International Transfers
We may process and store your personal data on infrastructure located outside your jurisdiction, including in countries that may not offer the same levels of data protection as those required under GDPR and CCPA. Where we transfer personal data internationally, we apply appropriate safeguards including:
– The use of Standard Contractual Clauses approved by the European Commission
– Ensuring data processing arrangements with third parties comply with applicable cross-border transfer requirements
– Adherence to regional privacy frameworks and supplementary security measures
8. Data Retention
We retain personal data only as long as is necessary for the purposes for which it was collected or to comply with legal, regulatory, tax, or accounting obligations. Our retention periods include:
– Usage Data: up to 12 months for diagnostic and analytics purposes
– Account & Profile Data: retained as long as your account is active and up to 6 years thereafter for legal compliance
– Communication Data: retained for up to 3 years for customer service review and response tracking
– Transaction Data: retained for up to 7 years to comply with financial and tax obligations
– Preference Data: retained until you withdraw consent or update preferences
9. Cookie Policy
Our Website uses cookies and similar technologies to improve your experience and analyze Website use. The categories of cookies used include:
– Essential Cookies: necessary for core functionality and security of the Website
– Functional Cookies: enhance features like remembering login sessions or user preferences
– Analytics Cookies: track user behavior and usage statistics to improve Website performance
– Performance Cookies: monitor system performance and detect technical issues
Cookies may be set directly by us or by third-party service providers acting on our behalf.
10. Cookie Management and Compliance
You can manage your cookie preferences via your browser settings or through on-site tools when visiting tribeofzero.com. In compliance with GDPR and CCPA, we obtain your consent before activating non-essential cookies. Visitors from regions covered by these laws are presented with cookie banners and consent mechanisms where required.
You also have the right to:
– Opt out of the sale or sharing of your personal information (CCPA)
– Revoke cookie consent at any time via cookie settings
11. Children’s Privacy
Our Website is not intended for use by children under the age of 13. We do not knowingly collect or solicit personal data from anyone under 13 years of age. If we discover that we have inadvertently collected data from a child under 13, we will delete such information promptly. Parents or guardians who believe their child has submitted personal data without consent should contact us at [email protected].
12. Policy Updates and Notifications
We reserve the right to update this Privacy Policy from time to time in response to changes in legal, technical, or business developments. Any material changes will be communicated by posting a revised version of the policy on tribeofzero.com. We encourage you to review this Privacy Policy periodically to stay informed of how we are protecting your information.
13. Contact
If you have any questions, requests, or concerns regarding this Privacy Policy or the processing of your personal data, please contact us:
Email: [email protected]
We are committed to full compliance with international data protection regulations and to ensuring that your personal data is handled responsibly and securely. Should you believe that we are not meeting our legal obligations under applicable privacy laws, we encourage you to reach out.