Privacy Policy

1. Introduction

ERICSALVE ("we," "our," "us," or "Company") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains in detail how we collect, use, disclose, transfer, and safeguard your information when you visit our website ericsalve.com (the "Site"), mobile applications, and use our services (collectively, the "Services").

This policy applies to all users of our Services, regardless of location. By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our policies and practices, please do not use our Services.

We comply with applicable data protection laws including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other international data protection regulations.

2. Information We Collect

2.1 Personal Information You Provide

We collect personal information that you voluntarily provide when you:

• Create an account or register on our Site
• Place an order or make a purchase
• Subscribe to our newsletter or marketing communications
• Contact customer support or communicate with us
• Participate in surveys, contests, or promotions
• Leave reviews or provide feedback
• Apply for employment opportunities

This information may include:

• Full name and contact information (email, phone number)
• Shipping and billing addresses
• Payment information (credit card details processed via Stripe)
• Account credentials (username and encrypted password)
• Order history and shopping preferences
• Communication preferences and marketing opt-in/opt-out status
• Date of birth (for age verification purposes)
• Profile information and preferences
• Social media account information (if you choose to connect)
• Any other information you choose to provide

2.2 Information Automatically Collected

When you access our Services, we automatically collect certain technical and usage information:

• IP address and approximate geographic location
• Browser type, version, and language settings
• Operating system and device information
• Pages visited, time spent on pages, and navigation paths
• Referring/exit pages and URLs
• Click-stream data and search terms used
• Date and time stamps of visits
• Error logs and diagnostic information
• Mobile device identifiers (IDFA, Android ID)

2.3 Cookies and Tracking Technologies

We use cookies, web beacons, pixel tags, and similar tracking technologies to enhance user experience and gather information. Our cookies include:

• Essential Cookies: Required for Site functionality, including shopping cart and checkout
• Performance Cookies: Help us understand how visitors use our Site
• Functional Cookies: Remember your preferences and personalize your experience
• Advertising Cookies: Deliver relevant advertisements and measure campaign effectiveness

2.4 Information from Third Parties

We may receive information about you from third-party sources:

• Social media platforms (if you connect your account)
• Payment processors and fraud prevention services
• Shipping carriers and logistics partners
• Marketing and analytics service providers
• Data aggregators and enrichment services
• Publicly available sources

3. How We Use Your Information

We process your personal information for the following legitimate business purposes:

3.1 Order Fulfillment and Customer Service

• Process, fulfill, and deliver your orders
• Send order confirmations, shipping notifications, and tracking information
• Process payments and prevent fraudulent transactions
• Respond to your inquiries and provide customer support
• Manage returns, exchanges, and refunds
• Maintain transaction records for legal and accounting purposes

3.2 Account Management

• Create and maintain your account
• Authenticate your identity and prevent unauthorized access
• Remember your preferences and settings
• Enable wish lists and saved items functionality
• Provide personalized shopping experiences

3.3 Marketing and Communications

• Send promotional emails and newsletters (with your consent)
• Notify you of new products, sales, and special offers
• Conduct market research and customer surveys
• Display personalized advertisements and recommendations
• Run contests, sweepstakes, and promotional campaigns

3.4 Site Improvement and Analytics

• Analyze usage patterns and trends
• Improve our website design and user experience
• Develop new products and services
• Test new features and functionality
• Generate statistical and aggregated data
• Monitor and analyze Site performance

3.5 Security and Legal Compliance

• Prevent fraud, unauthorized transactions, and security breaches
• Comply with legal obligations and regulatory requirements
• Enforce our Terms of Service and other agreements
• Protect the rights, property, and safety of our company and users
• Respond to legal requests from law enforcement or government authorities
• Resolve disputes and investigate complaints

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process your personal data based on:

• Contract Performance: Processing necessary to fulfill our contract with you (order fulfillment)
• Consent: You have given explicit consent (marketing communications)
• Legitimate Interests: Processing necessary for our legitimate business interests (fraud prevention, analytics)
• Legal Obligation: Processing required by law (tax records, legal compliance)

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information with:

5.1 Service Providers

Third-party vendors who perform services on our behalf:

• Payment processors (Stripe) for secure payment handling
• Shipping carriers for order delivery
• Email service providers for communications
• Cloud hosting and storage providers
• Analytics and marketing platforms
• Customer support and chat services
• Fraud prevention and security services

5.2 Business Transfers

In connection with any merger, sale, acquisition, or transfer of all or part of our business, your information may be transferred to the acquiring entity.

5.3 Legal Requirements

We may disclose your information when required by law or to:

• Comply with legal process or government requests
• Enforce our Terms of Service and other agreements
• Protect our rights, property, or safety
• Prevent fraud or illegal activities
• Protect the safety of our users or the public

5.4 With Your Consent

We may share your information for other purposes with your explicit consent or at your direction.

6. Data Security and Retention

6.1 Security Measures

We implement comprehensive technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction:

• SSL/TLS encryption (256-bit) for all data transmissions
• Secure payment processing through PCI-DSS compliant providers (Stripe)
• Encrypted storage of sensitive data at rest
• Regular security audits and penetration testing
• Multi-factor authentication for account access
• Role-based access controls limiting employee data access
• Firewall protection and intrusion detection systems
• Regular security training for employees
• Secure backup systems and disaster recovery plans
• Third-party security certifications and compliance audits

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.

6.2 Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Our retention periods are based on:

• Account Data: Retained while your account is active or as needed to provide services
• Transaction Records: Retained for 7 years for tax, accounting, and legal compliance
• Marketing Data: Retained until you withdraw consent or for 3 years of inactivity
• Website Analytics: Retained for 26 months
• Customer Support: Retained for 3 years after last interaction

When data is no longer needed, we securely delete or anonymize it.

7. Your Rights and Choices

Depending on your location, you may have the following rights:

7.1 Access and Portability

• Request a copy of the personal information we hold about you
• Receive your data in a structured, commonly used, machine-readable format
• Transfer your data to another service provider (data portability)

7.2 Correction and Updates

• Correct inaccurate or incomplete personal information
• Update your account information directly through your account settings

7.3 Deletion and Erasure

• Request deletion of your personal information ("right to be forgotten")
• Close your account and remove your profile
• Note: We may retain certain information as required by law or for legitimate purposes

7.4 Opt-Out and Objection

• Unsubscribe from marketing emails using the link in each email
• Opt-out of targeted advertising and cookie tracking
• Object to processing based on legitimate interests
• Withdraw consent at any time (doesn't affect prior processing)

7.5 Restriction and Limitation

• Request restriction of processing in certain circumstances
• Limit the use of your information for specific purposes

7.6 Do Not Sell My Personal Information (CCPA)

California residents have the right to opt-out of the "sale" of personal information. We do not sell personal information as defined by the CCPA.

To exercise these rights, please contact us at privacy@ericsalve.com. We will respond to your request within 30 days (or as required by applicable law). We may require verification of your identity before processing your request.

8. International Data Transfers

Your information may be transferred to, stored in, and processed in countries other than your country of residence, including the United States. These countries may have data protection laws that differ from your country.

When we transfer personal data internationally, we implement appropriate safeguards:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions for countries with sufficient data protection
• Privacy Shield certification (where applicable)
• Binding Corporate Rules for intra-group transfers
• Explicit consent for specific transfers when required

By using our Services, you acknowledge and consent to the transfer of your information to countries outside your country of residence, including countries that may not provide the same level of data protection.

9. Cookies and Tracking Technologies

9.1 Cookie Management

You can control cookie settings through your browser preferences. Most browsers allow you to:

• View, delete, and manage cookies
• Block third-party cookies
• Block all cookies (may affect Site functionality)
• Receive notifications when cookies are set

9.2 Do Not Track Signals

Some browsers support "Do Not Track" (DNT) signals. Currently, there is no industry standard for responding to DNT signals. We do not currently respond to DNT signals, but we provide opt-out mechanisms for targeted advertising.

9.3 Third-Party Analytics

We use third-party analytics services to understand how users interact with our Site. These services may use cookies and similar technologies. You can opt-out of analytics tracking through browser settings or third-party opt-out tools.

10. Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

If we learn that we have collected personal information from a child under 18 without parental consent, we will delete that information promptly. In certain jurisdictions, the age of consent may be different; we comply with local age restrictions.

11. California Privacy Rights

California residents have specific rights under the California Consumer Privacy Act (CCPA):

• Right to Know: Request disclosure of personal information collected, used, and shared
• Right to Delete: Request deletion of personal information
• Right to Opt-Out: Opt-out of the "sale" of personal information
• Right to Non-Discrimination: Not receive discriminatory treatment for exercising privacy rights
• Authorized Agent: Designate an authorized agent to make requests on your behalf

To submit a CCPA request, email privacy@ericsalve.com or call our toll-free number. We will verify your identity before processing requests.

Notice: We do not sell personal information as defined by the CCPA.

12. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

• Right of access to your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restriction of processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent
• Right to lodge a complaint with a supervisory authority

To exercise your GDPR rights, contact privacy@ericsalve.com. We will respond within 30 days as required by law.

You have the right to lodge a complaint with your local data protection authority if you believe we have not complied with GDPR requirements.

13. Data Breach Notification

In the event of a data breach that affects your personal information, we will notify affected individuals and relevant authorities as required by applicable law. Notifications will be sent without undue delay and will include:

• Description of the breach and data affected
• Potential consequences and risks
• Measures taken to address the breach
• Recommended actions you can take
• Contact information for further inquiries

14. Third-Party Links and Services

Our Site may contain links to third-party websites, services, or applications. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

Social media features (e.g., Facebook "Like" button) are governed by the privacy policies of the respective platforms. These features may collect your IP address and set cookies.

15. Policy Changes and Updates

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. Material changes will be communicated through:

• Posting the updated policy on this page with a new "Last Updated" date
• Email notification to registered users (for significant changes)
• Prominent notice on our website

Your continued use of the Services after policy changes constitutes acceptance of the updated terms. We encourage you to review this Privacy Policy periodically.

16. Contact Information and Data Protection Officer

For privacy-related questions, to exercise your rights, or to submit complaints, please contact us:

We take all privacy requests seriously and will work diligently to address your concerns. Please provide sufficient detail in your request to help us process it efficiently.