Privacy Policy for Behavior Works
1. Introduction
At Behavior Works, we are committed to safeguarding your privacy and ensuring the protection of your personal data. This Privacy Policy outlines how we process, store, and protect your information when you interact with our website (behavior-works.com), use our services, or otherwise engage with us. We adhere to the highest standards of data protection in accordance with the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We take a privacy-first approach in everything we do, and your trust is of paramount importance to us.
2. Scope and Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of the website located at behavior-works.com, and any associated services or communications offered through the site. For the purposes of applicable data protection laws, Behavior Works is the “data controller” of any personal information collected, processed, and stored through our platform, meaning we determine the purposes and means of processing your personal data.
3. Categories of Personal Data We Process
We collect various categories of personal data in the operation of our services, as described below:
a. Usage Data
Includes information such as your IP address, browser type and version, time zone setting, operating system and platform, session duration, pages visited, traffic sources, and other diagnostic data about how you interact with our website.
b. Account Data
Includes identifying information such as your full name, email address, phone number, billing and shipping addresses, and other data provided when you create an account or place an order.
c. Profile Data
Encompasses your interests, preferences, purchase history, feedback, survey responses, and behavioral data on how you use our services and engage with our content.
d. Communication Data
Includes correspondence between you and Behavior Works, including contact details, support tickets, chat messages, and any other records of interactions with our customer service or administrative teams.
e. Technical Data
Includes device identifiers, IP configurations, browser plug-in types and versions, internet service provider (ISP) information, operating system data, and other metrics that help us optimize performance and troubleshoot issues.
f. Transaction Data
Includes details about payments made to and from you, transaction history, and related delivery or refund information.
g. Preference Data
Includes your choices regarding how we communicate with you, including opt-in status to marketing communications, newsletter subscriptions, and recorded marketing and product interests.
4. Legal Bases for Processing Personal Data
We process your personal data under the following lawful bases, as applicable under the GDPR:
– Consent: When you have provided clear permission for us to process your data.
– Contractual Obligation: Where data processing is necessary to fulfill a contract with you, such as providing you with purchased services or products.
– Legitimate Interest: Where processing is necessary for our legitimate interests, provided these are not overridden by your fundamental rights or interests (e.g., fraud prevention, improving our services).
– Legal Obligation: Where we are required to process your data to comply with laws or regulations.
Under the CCPA, we do not sell your personal information. We only use and disclose your data for the purposes outlined in this Privacy Policy.
5. Your Data Protection Rights
Subject to applicable laws and regulations, you have the following rights concerning your personal data:
– Right to Access: You have the right to request access to the personal information we hold about you.
– Right to Rectification: You have the right to request correction of inaccurate or incomplete data.
– Right to Erasure (“Right to be Forgotten”): You may request the deletion of your personal data under certain conditions.
– Right to Restriction: You may request that we limit the processing of your personal data.
– Right to Data Portability: You have the right to receive your data in a structured, commonly used, and machine-readable format where applicable.
– Right to Object: You may object to the processing of your data based on our legitimate interests or for direct marketing purposes.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement stringent technical and organizational measures to protect your data, including:
– SSL/TLS encryption for all data transmitted to and from our site.
– Access control mechanisms to limit internal data access to authorized personnel only.
– Regular data backups and disaster recovery procedures.
– Ongoing employee training and awareness for data protection best practices.
7. International Data Transfers
When personal data is transferred outside your country of residence, particularly to jurisdictions such as the United States or other non-EEA countries, we ensure an adequate level of data protection through Standard Contractual Clauses and other legally recognized safeguards approved by relevant authorities.
8. Data Retention
We retain your personal data only for as long as is necessary to fulfill the purposes set out in this Privacy Policy, including:
– Usage Data: Up to 26 months for analytics and service improvement.
– Account Data: As long as your account remains active, and up to 6 years after closure for tax and legal compliance.
– Profile and Preference Data: Stored until you update or delete these preferences.
– Communication Data: Retained for up to 3 years after your last interaction or support ticket resolution.
– Transaction Data: Required to be kept for a minimum of 6 years for accounting purposes.
After applicable retention periods, your data will either be deleted securely or anonymized.
9. Cookie Policy
We use cookies and similar technologies to improve user experience, analyze site traffic, and support personalized services. Our cookies fall into the following categories:
– Essential Cookies: Required for the core functionality of behavior-works.com.
– Functional Cookies: Enable enhanced features such as remembering login status or preferences.
– Performance Cookies: Collect anonymized performance data to optimize website features.
– Analytical Cookies: Gather usage behavior and route paths to help understand user interaction.
10. Cookie Management and Compliance
Upon your first visit to behavior-works.com, a cookie banner will notify you of our use of cookies and direct you to our cookie settings panel. You can manage or withdraw your consent to non-essential cookies at any time via our cookie management tools or by adjusting your browser settings. We comply with consent requirements under GDPR and do not collect data from California residents in a manner that constitutes a “sale” under the CCPA.
11. Children’s Privacy
Our services are not intended for children under the age of 13, and we do not knowingly collect personal data from minors. If we become aware that data has been inadvertently collected from a child under 13, we will permanently delete the information. If you believe a child has submitted data without parental consent, please contact us at [email protected].
12. Policy Updates and Notifications
We reserve the right to update this Privacy Policy when necessary to reflect changes in our practices, legal obligations, or user feedback. Substantive updates will be communicated via our website, and where appropriate, through direct email notifications to registered users.
13. Contacting Us
If you have any questions, concerns, requests, or complaints regarding your personal data or this Privacy Policy, please contact us directly at:
You may also use this email to exercise your privacy rights or report a suspected data incident.
—
Behavior Works remains committed to full compliance with all data protection laws and best practices. We appreciate your trust in us and take our responsibility to protect your privacy seriously. For any further information or clarification about how we handle your data, do not hesitate to reach out to us at [email protected].