Rhythbalance

Privacy Policy

Last Updated: January 2025

Effective Date: January 1, 2025

1. Introduction and Data Controller Information

This Privacy Policy describes how Rhythbalance ("we," "us," or "our") collects, uses, processes, and protects your personal information when you visit our website at commodityprotect.world or use our services. We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the Personal Information Protection and Electronic Documents Act (PIPEDA) of Canada.

Data Controller Details:

Company Name: Rhythbalance

Registered Address: 401 Bay St. Suite #1600, Toronto, ON M5H 2T7, Canada

Contact Email: info@commodityprotect.world

Contact Phone: +16479872845

2. Information We Collect

2.1 Personal Information You Provide

We collect personal information that you voluntarily provide to us when you:

  • Contact Form Submissions: Name, email address, message content, and any other information you choose to provide
  • Newsletter Subscriptions: Email address, name (if provided), subscription preferences
  • Account Registration: Username, email address, password (encrypted), profile information
  • Purchase Transactions: Billing name, billing address, payment information (processed securely through third-party payment processors), transaction history
  • Customer Support: Communication history, support ticket information, feedback

2.2 Information Automatically Collected

When you visit our website, we automatically collect certain information about your device and browsing behavior:

  • Technical Data: IP address, browser type and version, operating system, device type, screen resolution
  • Usage Data: Pages visited, time spent on pages, click patterns, referring website, date and time of visits
  • Location Data: General geographic location based on IP address (country, region, city)
  • Cookies and Tracking Technologies: Information collected through cookies, web beacons, and similar technologies (see our Cookie Policy for details)

2.3 Information from Third Parties

We may receive information about you from third-party sources, including:

  • Social media platforms (if you interact with our social media content)
  • Analytics providers (Google Analytics, etc.)
  • Payment processors (transaction confirmation data)
  • Marketing partners (with your consent)

3. Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

  • Consent: You have given explicit consent for processing your personal data for specific purposes (e.g., marketing communications, non-essential cookies)
  • Contract Performance: Processing is necessary to fulfill our contractual obligations to you (e.g., delivering purchased products or services)
  • Legal Obligation: Processing is required to comply with legal obligations (e.g., tax records, legal requests)
  • Legitimate Interests: Processing is necessary for our legitimate business interests (e.g., website security, fraud prevention, business analytics) provided these interests do not override your fundamental rights

4. How We Use Your Information

We use the collected information for the following purposes:

4.1 Service Delivery and Communication

  • Responding to your inquiries and contact form submissions
  • Processing and fulfilling your orders or service requests
  • Providing customer support and technical assistance
  • Sending transactional emails (order confirmations, account notifications)
  • Communicating important updates about our services

4.2 Website Improvement and Analytics

  • Analyzing website usage patterns and user behavior
  • Improving website functionality, content, and user experience
  • Conducting research and statistical analysis
  • Testing new features and services
  • Troubleshooting technical issues

4.3 Marketing and Promotional Activities

  • Sending promotional emails and newsletters (with your consent)
  • Personalizing marketing content based on your interests
  • Conducting surveys and gathering feedback
  • Running contests, promotions, or special offers

4.4 Security and Legal Compliance

  • Protecting against fraud, unauthorized access, and security threats
  • Enforcing our terms of service and policies
  • Complying with legal obligations and regulatory requirements
  • Responding to legal requests from authorities
  • Protecting our legal rights and interests

5. Data Sharing and Disclosure

We do not sell your personal information to third parties. We may share your information in the following circumstances:

5.1 Service Providers

We share data with trusted third-party service providers who assist us in operating our website and delivering services:

  • Hosting Providers: Website hosting and server management
  • Payment Processors: Secure payment processing (e.g., Stripe, PayPal)
  • Email Service Providers: Email delivery and newsletter management
  • Analytics Providers: Website analytics and performance monitoring (e.g., Google Analytics)
  • Customer Support Tools: Help desk and support ticket management

These service providers are contractually obligated to protect your data and use it only for the specified purposes.

5.2 Legal Requirements

We may disclose your information when required by law or in response to:

  • Court orders, subpoenas, or legal processes
  • Requests from law enforcement or government authorities
  • Protection of our legal rights, property, or safety
  • Investigation of fraud, security issues, or violations of our terms

5.3 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your personal information may be transferred to the acquiring entity. We will notify you of any such change and provide options regarding your data.

5.4 With Your Consent

We may share your information with third parties when you have provided explicit consent for such sharing.

6. International Data Transfers

Your personal information may be transferred to and processed in countries outside of Canada and the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions recognizing equivalent data protection standards
  • Privacy Shield certification (where applicable)
  • Binding Corporate Rules for intra-group transfers

We ensure that all international transfers comply with applicable data protection laws and that your data receives an adequate level of protection.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Retention Periods:

  • Contact Form Data: 2 years from submission date
  • Account Information: Duration of account activity plus 1 year after account closure
  • Transaction Records: 7 years for tax and accounting purposes
  • Marketing Data: Until consent is withdrawn or 3 years of inactivity
  • Website Analytics: 26 months (Google Analytics default)
  • Cookie Data: As specified in our Cookie Policy (typically 1-24 months)
  • Legal Records: As required by applicable laws and regulations

After the retention period expires, we securely delete or anonymize your personal information. You may request earlier deletion by contacting us (subject to legal obligations).

8. Your Rights and Choices

Under GDPR and PIPEDA, you have the following rights regarding your personal data:

8.1 Right to Access

You have the right to request a copy of the personal information we hold about you. We will provide this information in a structured, commonly used, and machine-readable format.

8.2 Right to Rectification

You can request correction of inaccurate or incomplete personal information we hold about you.

8.3 Right to Erasure (Right to be Forgotten)

You can request deletion of your personal data when:

  • The data is no longer necessary for the purposes it was collected
  • You withdraw consent and there is no other legal basis for processing
  • You object to processing and there are no overriding legitimate grounds
  • The data has been unlawfully processed
  • Deletion is required to comply with a legal obligation

8.4 Right to Restriction of Processing

You can request that we limit how we use your personal data in certain circumstances, such as when you contest the accuracy of the data or object to processing.

8.5 Right to Data Portability

You have the right to receive your personal data in a portable format and transmit it to another controller where technically feasible.

8.6 Right to Object

You can object to processing of your personal data based on legitimate interests or for direct marketing purposes. We will cease processing unless we have compelling legitimate grounds.

8.7 Right to Withdraw Consent

Where processing is based on consent, you can withdraw your consent at any time. This will not affect the lawfulness of processing before withdrawal.

8.8 Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority:

  • Canada: Office of the Privacy Commissioner of Canada (www.priv.gc.ca)
  • EU/EEA: Your local Data Protection Authority

Exercising Your Rights

To exercise any of these rights, please contact us at info@commodityprotect.world or +16479872845. We will respond to your request within 30 days (or as required by applicable law). We may require verification of your identity before processing your request.

9. Security Measures

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction:

Technical Measures:

  • Encryption: HTTPS/SSL encryption for data transmission, encryption at rest for sensitive data
  • Access Controls: Role-based access controls, multi-factor authentication for administrative access
  • Firewalls: Network firewalls and intrusion detection systems
  • Regular Updates: Security patches and software updates applied promptly
  • Secure Backups: Encrypted backups stored securely with restricted access
  • Vulnerability Scanning: Regular security assessments and penetration testing

Organizational Measures:

  • Staff Training: Regular privacy and security training for employees
  • Confidentiality Agreements: All staff and contractors sign confidentiality agreements
  • Data Minimization: We collect only necessary data and limit access on a need-to-know basis
  • Incident Response: Documented procedures for responding to data breaches
  • Vendor Management: Due diligence and contractual safeguards with third-party processors

While we strive to protect your personal information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security but continuously work to improve our security practices.

10. Children's Privacy

Our website and services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16 without parental consent, we will take steps to delete that information promptly. If you believe we have collected information from a child under 16, please contact us immediately at info@commodityprotect.world.

11. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your browsing experience and analyze website usage. For detailed information about the cookies we use, their purposes, and how to manage your cookie preferences, please refer to our Cookie Policy.

12. Third-Party Links

Our website may contain links to third-party websites, services, or applications. We are not responsible for the privacy practices or content of these third parties. We encourage you to review the privacy policies of any third-party sites you visit. This Privacy Policy applies only to information collected by our website.

13. Marketing Communications

With your consent, we may send you marketing emails about our products, services, promotions, and news. You can opt out of marketing communications at any time by:

  • Clicking the "unsubscribe" link in any marketing email
  • Contacting us at info@commodityprotect.world
  • Updating your communication preferences in your account settings

Please note that even if you opt out of marketing communications, we will still send you transactional emails related to your account or purchases.

14. Automated Decision-Making and Profiling

We may use automated decision-making and profiling for the following purposes:

  • Personalizing website content and recommendations based on browsing behavior
  • Fraud detection and prevention
  • Website analytics and performance optimization

You have the right to object to automated decision-making that produces legal effects or similarly significantly affects you. If you wish to exercise this right, please contact us.

15. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected, used, shared, or sold
  • Right to delete personal information held by businesses
  • Right to opt-out of the sale of personal information (we do not sell personal information)
  • Right to non-discrimination for exercising CCPA rights

To exercise these rights, contact us at info@commodityprotect.world. We will verify your identity before processing your request.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this policy
  • Notify you via email (if you have provided your email address)
  • Display a prominent notice on our website
  • Request your consent if required by applicable law

We encourage you to review this Privacy Policy periodically. Your continued use of our website after changes are posted constitutes acceptance of the updated policy.

17. Data Protection Officer

For questions or concerns about our privacy practices or this Privacy Policy, you can contact our Data Protection Officer:

Email: info@commodityprotect.world

Phone: +16479872845

Address: 401 Bay St. Suite #1600, Toronto, ON M5H 2T7, Canada

18. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Rhythbalance

Address: 401 Bay St. Suite #1600, Toronto, ON M5H 2T7, Canada

Email: info@commodityprotect.world

Phone: +16479872845

We will respond to your inquiry within 30 days of receipt.

19. Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of the Province of Ontario and the federal laws of Canada applicable therein, without regard to conflict of law principles. For users in the European Union, this policy also complies with GDPR requirements.

20. Severability

If any provision of this Privacy Policy is found to be invalid or unenforceable, the remaining provisions shall continue in full force and effect.