Privacy Policy

Information Collection and Use

We want to be completely transparent about our data collection practices. We gather a variety of information to enhance your experience, personalize your interactions, and continually improve our services. Here's a detailed breakdown of the data we may collect:

Personal Data

This encompasses any information that can directly or indirectly identify you.

Basic Identifiers: Your name, email address, username, phone number, postal address, date of birth, gender, IP address, and any other identifying details. This information may be collected if you authorize our application access to your Google Account.
Account Details: Password, security questions and answers, purchase history, billing and shipping information, customer service interactions, user preferences, settings, loyalty program data, and transaction history. This information may be collected if you authorize our application access to your Google Account.
Social Media Information: If you connect your social media accounts, we may collect your profile picture, social media handle, friends list, follower count, engagement metrics, posts, and other publicly available information.
User Generated Content: Any content you create or upload, such as photos, videos, reviews, comments, posts, voice recordings, survey responses, and shared documents.
Biometric Data: In some cases, with your explicit consent, we might collect biometric data like facial recognition, fingerprint scans, voiceprints, or behavioral biometrics for authentication and security purposes.
Location Data: Precise or approximate geolocation, travel history, and GPS-based activity if permitted by your device settings.
Inferred Data: We may analyze your activity and interactions to infer information about your interests, preferences, habits, behaviors, and demographics.
Employment Data: Job title, employer, professional network information, and work-related preferences if provided.
Health Data: With your consent, we may collect data related to fitness, wellness, and medical history, including information from connected devices like wearables.

Usage Data

This is information about how you interact with our services.

Device information: Your device model, operating system, browser type and version, screen resolution, unique device identifiers (like IMEI or MAC address), mobile network information (including carrier and signal strength), language settings, battery status, and device performance metrics.
Activity information: Pages you visit, time and date of visits, time spent on pages, links clicked, features used, search queries, interactions with content (e.g., videos watched, articles read), downloads, error logs, referral sources, and session identifiers.
Communication data: Details of messages, notifications received, opened or interacted with, and preferences for receiving communications.

Tracking & Cookies Data

We utilize cookies and similar tracking technologies to monitor activity and store information.

Cookies: First-party and third-party cookies (e.g., session cookies, persistent cookies, advertising cookies).
Similar Technologies: Web beacons, pixels, local storage, browser fingerprinting, SDKs (Software Development Kits) from third-party analytics and advertising providers, and server logs.
Behavioral Tracking: Information collected through tracking user interactions across devices, platforms, and services to improve personalization.

Third-Party Data

This includes information collected from external sources or partners.

Publicly Available Information: Data from public records, directories, or other open sources.
Third-Party Integrations: Information from connected apps, APIs, or third-party services like payment processors, analytics platforms, or authentication providers.
Partner Data: Data from affiliates, advertisers, market research firms, or other partners to enhance insights and services.

Use of Data

The data we collect serves several functions:

To provide and maintain our Site and services.
To notify you about changes to our Site and services.
To allow you to participate in interactive features when you choose to do so.
To provide customer support.
To gather analysis or valuable information so that we can improve our Site and services.
To monitor the usage of our Site and services.
To detect, prevent, and address technical issues.
To fulfill any other purpose for which you provide it.
To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
To provide you with notices about your account and/or subscription, including expiration and renewal notices.
To provide you with news, special offers, and general information about other goods, services, and events that we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information.

Retention of Data

We understand the importance of responsible data retention and strive to keep your Personal Data only as long as necessary. Here's a more detailed explanation of our retention practices:

Purpose-Driven Retention: We primarily retain your data to fulfill the purposes outlined in this Privacy Policy, such as providing and improving services, communicating with you, and complying with legal obligations.
Legal and Security Requirements: In some cases, we may be required to retain data for longer periods to comply with applicable laws, resolve disputes, enforce our agreements, or address security concerns.
Usage Data: We collect Usage Data (such as website activity and interactions) to analyze trends, administer the Site, track users' movements around the Site, and gather demographic information. This data is generally retained for a shorter period than Personal Data, unless it's needed for security enhancements, functionality improvements, or legal compliance.
Data Deletion: When you delete information from our sites, we may retain it for certain periods of time, even if they are no longer accessible to you. If you are a California resident, you have the right under the California Consumer Privacy Act (CCPA) to request the deletion of your personal information, subject to certain exceptions. For more details on how to exercise your rights, please refer to the "Your California Privacy Rights" section of this Privacy Policy.
Retention for Legal Claims: In situations where there may be a legal claim, dispute, or investigation, we may retain your data for longer periods to ensure compliance with applicable laws or court orders.

We also provide tools and mechanisms for you to manage your data, including options to delete, correct, or request a copy of your data. Our retention periods vary depending on the type of data and its intended use, ensuring we adhere to privacy and data minimization principles. We regularly review our data retention policies to ensure they align with evolving legal standards and our commitment to your privacy.

Your California Privacy Rights (CCPA)

This section provides additional details about the personal information we collect about California consumers and the rights afforded to them under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA).

Categories of Personal Information Collected

In the past 12 months, we may have collected the following categories of personal information from California consumers:

Identifiers: This includes your real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver's license number, passport number, or other similar identifiers.
Customer Records Information: This includes information such as your name, contact information, billing and shipping address, and purchase history.
Commercial Information: This includes information about products or services you have purchased, considered, or shown interest in.
Internet Activity: This includes your browsing history on our website, search queries, interactions with our online ads or marketing emails, and device information.
Geolocation Data: This includes your device's physical location.
Inferences: We may draw inferences from your personal information to create a profile reflecting your preferences and interests.

Your Rights Under the CCPA

As a California consumer, you have the following rights:

Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you, the sources of the information, the purposes for collecting it, and the categories of third parties with whom we share it.
Right to Delete: You have the right to request that we delete your personal information, subject to certain exceptions.
Right to Correct: You have the right to request that we correct inaccurate personal information that we maintain about you.
Right to Opt-Out of Sale/Sharing: You have the right to opt-out of the sale or sharing of your personal information. We do not currently sell or share your personal information, but if we do so in the future, we will provide a clear way for you to opt-out.
Right to Limit Use of Sensitive Personal Information: You have the right to limit our use of your sensitive personal information to only that which is necessary to perform the services you request or for other limited purposes as permitted by the CCPA.
Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

Exercising Your Rights

To exercise your rights under the CCPA, please contact us at legal@prestonkwei.com. We will respond to your request within 45 days.

Authorized Agents

You may designate an authorized agent to make a request on your behalf. To do so, you must provide the agent with written permission to act on your behalf, and we may need to verify your identity directly.

Legal Basis for Processing Personal Data Under General Data Protection Regulation (GDPR)

If you are located within the European Economic Area (EEA), our legal basis for collecting, storing, and processing your personal information is determined by the specific provisions of the General Data Protection Regulation (GDPR). The processing of your Personal Data as outlined in this Privacy Policy is dependent on the categories of data involved and the particular context in which it is collected. We rely on several legal grounds for such processing activities, including but not limited to:

The necessity of processing for the execution of a contract to which you are a party, or to take steps at your request prior to entering into such a contract. This includes fulfilling obligations related to service delivery, product purchases, or any other agreements entered with us.
Your explicit and informed consent, provided voluntarily and clearly, to allow us to collect, use, and process your Personal Data for specific purposes. You retain the right to withdraw your consent at any time, subject to applicable legal limitations.
Our legitimate interests in processing your Personal Data, where such interests are not overridden by your fundamental rights and freedoms. These interests may include business operations, fraud prevention, improvement of our services, and ensuring the security and integrity of our systems.
The necessity of processing for the proper handling of payment transactions, including verifying your identity, preventing fraudulent activity, and facilitating the financial aspects of our services in accordance with legal and contractual obligations.
Compliance with applicable laws, regulations, legal processes, or enforceable governmental requests. This includes obligations to retain records, respond to legal claims, and ensure adherence to statutory and regulatory requirements.

We are committed to ensuring that your Personal Data is processed in accordance with the highest standards of transparency, security, and respect for your privacy rights. If you have any concerns regarding the legal basis under which your Personal Data is being processed, please contact us for clarification or to exercise your rights as afforded by the GDPR.

Your Data Protection Rights Under General Data Protection Regulation (GDPR)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights aimed at allowing you to control the use of your Personal Data. We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.

If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us. In certain circumstances, you have the following data protection rights:

The right to access, update, or delete the information we have on you.
The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
The right to object. You have the right to object to our processing of your Personal Data.
The right of restriction. You have the right to request that we restrict the processing of your personal information.
The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable, and commonly used format.
The right to withdraw consent. You also have the right to withdraw your consent at any time when we rely on your consent to process your personal information.

Please note that we may ask you to verify your identity before responding to such requests. You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).

Transfer of Data

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to the United States and process it there. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer. We will take all the steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

Disclosure of Data

Under certain circumstances, we may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).

We may disclose your Personal Data in the good faith belief that such action is necessary to:

Comply with a legal obligation.
Protect and defend the rights or property of PrestonKwei.com.
Prevent or investigate possible wrongdoing in connection with the Site.
Protect the personal safety of users of the Site or the public.
Protect against legal liability.

Data Breach Notification

Your trust in our ability to safeguard your personal information is paramount. In the unlikely event of a data breach, we are committed to taking immediate and transparent actions to mitigate the impact and inform affected users. Our data breach notification process is designed to comply with applicable laws and regulations, ensuring your rights and privacy are protected.

Timely Notification: Upon discovering a data breach involving your personal information, we will promptly assess the scope and nature of the breach. We will notify affected users as soon as reasonably possible, in accordance with legal requirements, and no later than the time frames mandated by applicable laws.
Communication Channels: Notifications will be sent via email, phone, or other appropriate communication methods. If contact information is unavailable, we will post notices prominently on our website to ensure affected individuals are informed.
Details Provided: Our notifications will include comprehensive information about the breach, such as the types of data involved, the potential risks to affected individuals, measures we are taking to address the breach, and recommended actions users can take to protect themselves.
Collaboration with Authorities: We will cooperate fully with relevant authorities, such as data protection regulators or law enforcement agencies, to investigate the breach and prevent further incidents.
Preventive Measures: Following a breach, we will conduct a thorough review of our security practices, implement enhanced protections, and update our systems to reduce the risk of future incidents.

We are committed to transparency and accountability. If you have concerns about a data breach or wish to inquire about our breach response procedures, please contact us at privacy@prestonkwei.com. Your security and privacy are our highest priorities.

Third-Party Service Providers

We engage third-party service providers across various jurisdictions, including the United States and internationally, to perform critical functions and deliver services on our behalf. These engagements may necessitate the sharing of your personal information, but solely to the extent required for the providers to fulfill their obligations and deliver the agreed-upon services. All such data-sharing activities are conducted under the framework of binding legal agreements that enforce strict confidentiality, privacy, and security standards. These agreements obligate our service providers to comply with applicable data protection laws and to implement industry-leading security measures to safeguard your personal information against unauthorized access, disclosure, or misuse. Furthermore, we take proactive steps to monitor and audit these providers to ensure ongoing compliance with our stringent data protection requirements. By maintaining these rigorous safeguards, we ensure that any handling of your personal information by third parties aligns with our commitment to privacy and security.

Security Measures

We are steadfast in our commitment to protecting the confidentiality, integrity, and security of your personal information. To prevent unauthorized access, use, or disclosure, we have implemented a comprehensive suite of security measures and best practices. These include advanced encryption protocols to secure data both in transit and at rest, robust server configurations designed to meet or exceed industry standards, and stringent access controls that ensure only authorized individuals with a legitimate need can access your data. Furthermore, we conduct regular security audits, vulnerability assessments, and penetration testing to identify and address potential risks proactively. Our security framework is continuously updated to reflect emerging threats and evolving technologies, ensuring compliance with applicable laws and regulations. By maintaining these rigorous safeguards, we uphold our responsibility to protect your personal data and provide you with the highest level of privacy and security.

Children's Privacy

Our service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from children under 13. In the case we discover that a child under 13 has provided us with personal information, we immediately delete this from our servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we will be able to take the necessary actions to remove information from our services.

Changes to This Privacy Policy

Our Privacy Policy may be updated periodically to reflect changes in our practices, legal or regulatory requirements, or other factors that may affect the way we handle your personal information. Such updates are part of our commitment to maintaining transparency and ensuring the highest level of privacy protection for our users. Whenever significant changes are made to this policy, we will notify you by sending an email to the address associated with your account, or by placing a prominent notice on our website. The notification will include details of the changes, the effective date, and any actions you may need to take. We encourage you to review the updated Privacy Policy thoroughly to understand how your information will be treated. Continued use of our services after such changes have taken effect will constitute your acceptance of the revised policy. If you do not agree with this privacy policy, please discontinue your use of our sites, and delete all information related to you. We value your trust and are committed to continuing to earn it with our respect for your privacy. Please check back regularly to keep informed of updates to this policy.