Privacy Policy

This Privacy Policy describes in comprehensive detail how Truedealer.world ("we", "us", "our") collects, uses, stores, shares, and protects your personal data when you visit our website, place orders, or interact with our services. We are committed to transparency and compliance with the General Data Protection Regulation (GDPR), the New Zealand Privacy Act 2020, the California Consumer Privacy Act (CCPA) where applicable, and other international data protection frameworks.

1. Data Controller and Contact Information

The data controller responsible for your personal data is:

For any privacy-related inquiries, data subject requests, or concerns, please contact us using the details above. We aim to respond to all legitimate requests within 30 days.

2. Categories of Personal Data We Collect

We may collect and process the following categories of personal data:

• Identity data: Your full name, title, and date of birth when you submit an order, create an account, or contact us. This information enables us to personalize your experience and fulfill contractual obligations.
• Contact data: Email address, telephone number, and postal address. We use this to process orders, send confirmations, deliver products, and respond to your inquiries.
• Technical data: IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, device identifiers. This data is collected automatically when you visit our website and helps us ensure compatibility and security.
• Usage data: Information about how you use our website, including pages visited, time spent on pages, page interaction information (such as scrolling, clicks, and mouse-overs), and navigation paths. This helps us improve our website and user experience.
• Communication data: The content of messages you send us via contact forms, email, or other channels. We retain these to provide support and maintain records of our correspondence.
• Transaction data: Details of products you have purchased from us, including order history, payment information (processed securely by third-party payment providers), and delivery preferences.

3. Purposes and Legal Basis for Processing

We process your personal data for the following purposes, with the corresponding legal bases:

• Order fulfillment: To process, fulfill, and deliver your orders. Legal basis: Contract performance.
• Customer support: To respond to your inquiries, resolve issues, and provide assistance. Legal basis: Contract performance and legitimate interests.
• Website improvement: To analyze usage patterns, fix technical issues, and enhance functionality. Legal basis: Legitimate interests.
• Transactional communications: To send order confirmations, shipping updates, and service-related notices. Legal basis: Contract performance.
• Legal compliance: To comply with tax, accounting, anti-fraud, and other legal obligations. Legal basis: Legal obligation.
• Marketing (with consent): To send promotional communications about our products and offers. Legal basis: Consent. You may withdraw consent at any time.
• Analytics (with consent): To understand how visitors use our site and improve our services. Legal basis: Consent where required by law.

4. Data Retention Periods

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements:

• Order and transaction data: 7 years from the date of the transaction, in compliance with tax and accounting regulations.
• Contact form submissions: 2 years from the date of submission, or until you request deletion, whichever is earlier.
• Technical and usage data: Up to 26 months for analytics purposes, or as required for security and fraud prevention.
• Marketing consent records: Until you withdraw consent, plus a short period to process the withdrawal.
• Customer support correspondence: 3 years from the resolution of the inquiry.

After the retention period expires, we securely delete or anonymize your data so it can no longer be associated with you.

5. Your Rights Under GDPR and Applicable Laws

Depending on your location, you may have the following rights:

• Right of access: Request a copy of the personal data we hold about you in a commonly used format.
• Right to rectification: Request correction of inaccurate or incomplete personal data.
• Right to erasure: Request deletion of your personal data ("right to be forgotten") in certain circumstances.
• Right to restriction: Request that we limit the processing of your data in specific situations.
• Right to data portability: Receive your data in a structured, machine-readable format and transmit it to another controller.
• Right to object: Object to processing based on legitimate interests or for direct marketing purposes.
• Right to withdraw consent: Withdraw consent at any time where processing is based on consent.
• Right to lodge a complaint: Lodge a complaint with a supervisory authority in your country of residence.

To exercise any of these rights, contact us at office@truedealer.world. We will respond within 30 days. We may need to verify your identity before processing your request.

6. Data Security Measures

We implement robust technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction:

• HTTPS/TLS encryption for all data transmitted between your browser and our servers.
• Secure storage with access controls, including role-based permissions and authentication.
• Regular security assessments and penetration testing.
• Limited access to personal data on a strict need-to-know basis.
• Employee training on data protection and security best practices.
• Incident response procedures to address any potential data breaches promptly.

7. Data Sharing and Third-Party Recipients

We may share your data with the following categories of recipients:

• Service providers: Payment processors, shipping carriers, hosting providers, email service providers, and analytics providers. All such parties operate under strict data processing agreements and are contractually bound to protect your data.
• Legal and regulatory authorities: When required by law, court order, or to protect our rights, property, or safety.

We do not sell, rent, or trade your personal data to third parties for their marketing purposes.

8. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence. When we transfer data internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, or other mechanisms recognized by applicable data protection laws.

9. Children's Privacy

Our website and services are not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately and we will take steps to delete such information.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the services we offer. We will notify you of any material changes by posting the updated policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

11. Contact Us

For questions, concerns, or requests regarding this Privacy Policy or our data practices: