Privacy Policy
At In-Thought, accessible at in-thought.com, we are firmly committed to respecting and protecting the privacy of all individuals who interact with our services. We uphold the highest standards of data protection and take comprehensive measures to ensure that your personal information remains private, secure, and lawfully processed in accordance with applicable global regulations, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act of 2018 (“CCPA”).
1. Introduction
This Privacy Policy outlines how In-Thought (“we,” “our,” or “us”) collects, uses, discloses, and protects personal data through our website, in-thought.com, and associated services. Your trust is essential to us, and we are transparent about the information we collect and how it is used. By using our website, you agree to this Privacy Policy.
2. Scope and Data Controller
This Privacy Policy applies exclusively to the data collected through in-thought.com and any affiliated platforms or services. For the purposes of the GDPR, In-Thought is the data controller responsible for determining the means and purposes of data processing. If you have any concerns regarding your data, you may contact us at [email protected].
3. Categories of Data We Process
We process different categories of personal data depending on your interaction with us:
a. Usage Data
We collect information about your interaction with our website, including your browser type, IP address, session duration, pages visited, and referring URLs. This data is used for analytics and service optimization.
b. Account Data
When you register for an account, we may collect your full name, postal address, email address, and telephone number.
c. Profile Data
Includes information on user preferences, product or content selections, behavior on our platform, and history of purchases or interactions.
d. Communication Data
Covers all correspondence made through contact forms, email communications, and support tickets, including your contact history with our support staff.
e. Technical Data
Encompasses your device’s model, operating system, browser settings, access times, and system configurations.
f. Transaction Data
Includes payment information (masked or tokenized where applicable), billing and delivery addresses, transaction history, and purchase details.
g. Preference Data
Encompasses consent for marketing communications, product interests, and newsletter preferences.
4. Legal Bases for Processing
We rely on the following legal grounds under GDPR for processing personal data:
– Consent: When we ask for your consent to process your personal data for specific purposes, such as marketing.
– Contractual Necessity: When processing is necessary to fulfill our obligations under a contract with you, including account management or purchase fulfillment.
– Legitimate Interests: Where we process your data to improve our services, detect risks, maintain security, or communicate with you in a manner relevant to our relationship, provided such processing is not overridden by your rights.
– Legal Obligation: Processing required to comply with statutory obligations, such as tax and accounting laws.
For users covered by the CCPA, we process your personal information in accordance with your rights to access, delete, and opt out of data sharing and sales, to the extent applicable.
5. Your Rights
Subject to jurisdiction and applicable law, you have the following rights:
– Access: Request details or a copy of the data we hold about you.
– Rectification: Request correction of any inaccurate or incomplete data.
– Erasure: Request deletion of your personal data, where legally applicable.
– Restriction: Request restriction of processing under specific circumstances.
– Portability: Request transfer of personal data to you or another controller in a structured, commonly used format.
– Objection: Object to specific types of processing, including direct marketing.
– Withdrawal of Consent: If processing is based on consent, you may withdraw that consent at any time.
To exercise any of these rights, please contact us at [email protected]. We may require identity verification to process your request.
6. Security Measures
We implement industry-standard security protocols to protect personal data from unauthorized access, alteration, disclosure, or destruction. Our data protection measures include:
– Secure Socket Layer (SSL) encryption
– Role-based access controls
– Secure data backups
– Endpoint monitoring and intrusion detection
– Regular privacy and security training for staff
7. International Data Transfers
We may transfer and process your personal data outside the European Economic Area (EEA), including to countries that may not provide the same level of data protection. Where we do so, we employ appropriate safeguards such as Standard Contractual Clauses approved by the European Commission or rely on other legally recognized transfer mechanisms and contractual protections to ensure compliance with data protection obligations.
8. Data Retention
We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by law. General retention periods include:
– Usage Data: up to 2 years for analytics
– Account Data: throughout active account duration and up to 6 years thereafter
– Profile Data: 3 years from last interaction
– Communication Data: 3 years from last correspondence
– Technical Data: up to 1 year for security audits
– Transaction Data: 6–10 years, in compliance with financial and tax laws
– Preference Data: until consent is withdrawn or data is updated
9. Cookie Policy
We employ cookies to enhance user experience, analyze site traffic, and optimize content delivery. Cookies are classified as follows:
– Essential Cookies: Necessary for core functionality.
– Functional Cookies: Enable enhanced user features like language settings and saved preferences.
– Analytics Cookies: Collect anonymous statistical data to understand usage patterns.
– Performance Cookies: Help us improve load speeds and website responsiveness.
10. Cookie Management and Compliance
Upon your first visit to in-thought.com, you are presented with options to manage cookie preferences, in compliance with GDPR and CCPA. You may update your preferences at any time via our cookie consent banner or by adjusting your browser settings. Note that disabling certain cookies may impact site functionality.
11. Protection of Children’s Privacy
Our services are not designed for, nor intentionally directed at, children under the age of 13. We do not knowingly collect personal data from minors without verifiable parental consent. If we discover that such data has been collected inadvertently, we will promptly take appropriate steps to delete it.
12. Policy Updates
We reserve the right to amend or update this Privacy Policy at any time to reflect changes in our operations or legal obligations. Where changes are material, we will notify you appropriately through our website or direct communication, in line with applicable regulatory requirements.
13. Contact Information
If you have any questions, concerns, or requests regarding your personal data or this Privacy Policy, you may contact us at:
Email: [email protected]
Website: https://in-thought.com
We are committed to maintaining your trust and safeguarding your data in full compliance with applicable laws and best practices. Please do not hesitate to reach out with any privacy concerns or inquiries.