Privacy Policy
National Labs (“we,” “us,” or “our”) is firmly committed to protecting your privacy and the security of your personal data. This Privacy Policy outlines how we collect, use, store, and share your personal information when you interact with our website, national-labs.com, and our associated services. We process personal data in accordance with applicable data protection laws, including the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), maintaining a privacy-first approach throughout our data handling practices.
1. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users who access or interact with national-labs.com or who communicate with us via email or other channels. National Labs acts as the “data controller” for personal data collected and processed through our website, meaning we determine the purposes and means of the processing.
2. Categories of Data We Process
We may collect and process the following categories of personal data:
a. Usage Data
Includes information about your interactions with our website such as IP address, browser type and version, device identifiers, time zone settings, operating system, referring URLs, and browsing behavior (including pages visited, session duration, and navigation paths).
b. Account Data
Includes information you provide during registration or account creation, such as your full name, email address, mailing address, phone number, and account credentials.
c. Profile Data
Includes information about your preferences, purchase history, feedback, and behavioral patterns collected via user activity and submitted preferences.
d. Communication Data
Includes communications you send to us for support purposes, contact history, requests, inquiries, dispute resolutions, and other electronic communication.
e. Technical Data
Includes technical details about the devices used to access the website, including device type, hardware specifications, software configurations, language, screen resolution, and system diagnostics.
f. Transaction Data
Includes data related to purchases, such as payment method (excluding full card numbers or sensitive payment details managed by third-party processors), billing and delivery addresses, amounts paid, and transaction history.
g. Preference Data
Includes your marketing and communication preferences, product interests, cookie choices, and consent records relating to promotional materials or newsletter subscriptions.
3. Legal Bases for Processing Personal Data
We process personal data under the following legal bases, as required by the GDPR:
– Performance of a Contract: When processing is necessary for the performance of a contract with you, such as fulfilling purchases or managing your account.
– Consent: For cases where you have voluntarily given clear permission, e.g., signing up for newsletters or accepting non-essential cookies.
– Compliance with Legal Obligations: Where processing is required to comply with legal or regulatory duties.
– Legitimate Interests: For purposes deemed necessary for our legitimate interests or those of third parties, provided such interests are not overridden by your rights and freedoms. These may include business development, fraud prevention, improving service functionality, and marketing (subject to your rights and choices).
4. Your Rights
Subject to applicable law, you have the following rights regarding your personal information:
– Right of Access: You may request details regarding the personal data we process about you.
– Right to Rectification: You may ask us to correct or update inaccurate or incomplete data.
– Right to Erasure (“Right to Be Forgotten”): You may request the deletion of your personal data, where appropriate.
– Right to Restrict Processing: In certain cases, you may request that we limit or suspend processing.
– Right to Data Portability: You may request to receive your personal data in a machine-readable format and to transfer it to another controller.
– Right to Object: You may object to our processing of your data where we rely on legitimate interests or use your data for direct marketing.
– Right to Withdraw Consent: Where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
California residents may also exercise specific rights under the CCPA, such as:
– Right to Know: You have the right to request information about categories and specific pieces of personal data we have collected about you.
– Right to Delete: Subject to exceptions, you may request the deletion of your personal information.
– Right to Opt-Out: You may request not to have your personal information sold or shared with third parties, where applicable.
To exercise your rights, contact us at: [email protected].
5. Security Measures
We implement a comprehensive set of technical and organizational security measures to protect the integrity, confidentiality, and availability of personal data. These include:
– End-to-end encryption of sensitive data
– Secure storage environments with access controls and authentication safeguards
– Regular security assessments and vulnerability testing
– Role-based access and employee training in data protection
– Off-site backups and disaster recovery protocols
Despite our efforts, no method of data transmission or electronic storage is completely secure. We recommend users take appropriate measures to protect their personal credentials and data.
6. International Data Transfers
Your personal data may be transferred to and processed in countries outside your jurisdiction. In such cases, we ensure that appropriate safeguards are in place, including the use of Standard Contractual Clauses (SCCs), adequacy decisions, and other legal mechanisms approved under GDPR. We take all necessary measures to ensure that international data transfers are conducted securely and in compliance with applicable laws.
7. Data Retention
We retain personal data only for as long as necessary for the purposes for which it was collected, or to fulfill legal or regulatory obligations, as outlined below:
– Usage Data: up to 26 months
– Account Data: retained while user accounts remain active and for six years thereafter
– Profile Data: retained for as long as the account is active or until preferences are changed
– Communication Data: stored for three years from the last interaction
– Technical Data: retained for 26 months to support diagnostics and troubleshooting
– Transaction Data: retained for seven years as required for accounting and tax compliance
– Preference Data: retained until withdrawn or expired
8. Cookies Policy
We use cookies and similar technologies to enhance your user experience, perform website analytics, and deliver relevant content. Our cookies fall into the following categories:
– Essential Cookies: Required for core site functionality and security (e.g., session management, login authentication).
– Functional Cookies: Enable enhanced features such as remembering preferences and supporting user interface customizations.
– Analytics Cookies: Collect aggregate data to understand user interaction and improve service performance.
– Performance Cookies: Measure site performance and detect issues or lags.
These technologies may be provided directly by us or integrated with third-party providers.
9. Cookie Management & Compliance
Upon your first visit to national-labs.com, we present a cookie banner requesting your consent for the use of non-essential cookies in compliance with GDPR and CCPA requirements. You can manage your cookie preferences at any time via our cookie settings interface. Additionally, browser settings may allow you to block or delete cookies, although in doing so, certain website features may not function properly.
California residents may further opt out of the sale or sharing of personal information by enabling browser controls identified as Do Not Sell My Personal Information.
10. Special Protections for Children
We do not knowingly collect or process the personal data of children under the age of 13. If you believe that a child under 13 has provided us with their personal information, please contact us immediately at [email protected]. If we become aware that we have inadvertently collected such data, we will promptly delete it from our systems.
11. Policy Updates
We reserve the right to amend or update this Privacy Policy at any time in response to legal, technical, or business developments. Material changes will be communicated to users through appropriate means, such as notifications on the website or via email where consent has been provided. Please review this Privacy Policy periodically to remain informed of our practices.
12. Contact
For any inquiries relating to this Privacy Policy, data protection practices, or to exercise your data subject rights, please contact:
Email: [email protected]
Website: national-labs.com
We are committed to lawful and transparent data handling practices and remain dedicated to ensuring that the privacy and fundamental rights of our users are protected. Please do not hesitate to contact us with any concerns or questions regarding your personal data.
This Privacy Policy reflects our compliance with applicable data protection laws, including the GDPR and CCPA.