Privacy Policy
1. Introduction
At Best of Tel Aviv (“we,” “our,” or “us”), accessible through bestoftelaviv.com, we are committed to safeguarding your personal data and upholding your privacy rights in accordance with applicable data protection laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”). We prioritize transparency, security, and adherence to internationally recognized privacy standards. This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you browse, interact with, or utilize our services.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all users of our website, bestoftelaviv.com, and individuals whose personal data is collected or processed in connection with our services. Best of Tel Aviv is the data controller for personal data collected via this website, meaning we determine the purposes and means of processing your personal information.
Should you have any questions, concerns, or requests related to your personal data, you may contact us at: [email protected].
3. Categories of Data Processed
We collect and process the following categories of personal data:
a. Usage Data: Includes information about your interaction with the site, such as browser type and version, IP address, page views, and session data.
b. Account Data: Includes identifiers you provide if you create an account, such as your full name, mailing address, email address, and telephone number.
c. Profile Data: Includes your preferences, interests, purchase history, and interaction behavior with the site.
d. Communication Data: Includes records of your correspondence with us, including customer support inquiries, feedback, and contact history.
e. Technical Data: Includes details about the device you use to access our site, system configurations, operating systems, and other device-identifying data.
f. Transaction Data: Includes payment confirmation details, order history, shipping addresses, billing data, and other delivery-related information, though financial information is handled by third-party secure processors.
g. Preference Data: Includes your marketing and communication preferences, such as newsletter opt-ins and product interest selections.
4. Legal Bases for Processing
We process your personal data only where lawful under GDPR and CCPA. The legal bases under which we operate include:
– Consent: Where you have provided clear consent for processing your personal data for a specific purpose, such as subscribing to our newsletter.
– Contractual Necessity: When processing is necessary for the fulfillment of a contract with you, including providing goods or services you request.
– Legitimate Interests: When we have a legitimate business interest to process your data that is not overridden by your privacy rights, such as fraud prevention and website improvement.
– Compliance with Legal Obligations: Where processing is necessary to fulfill obligations under applicable law.
5. Your Rights
If you are located in the European Union or California, or otherwise subject to GDPR or CCPA protections, you are entitled to the following rights:
– Right of Access: You may request access to the personal information we hold about you.
– Right to Rectification: You may request correction of inaccurate or incomplete data.
– Right to Erasure: You may request deletion of your personal data, subject to statutory or contractual obligations.
– Right to Restrict Processing: You may request the limiting of your personal data usage under specific circumstances.
– Right to Data Portability: You may request your data in a structured, commonly used, and machine-readable format.
– Right to Object: You have the right to object to our processing of your data based on legitimate interests or direct marketing.
– Right Not to Be Subject to Automated Decision Making: We do not make decisions that have legal or similarly significant effects solely by automated means.
To exercise any of these rights, please contact us at [email protected]. We may require verification of your identity before fulfilling your request.
6. Security Measures
We maintain rigorous technical, organizational, and procedural safeguards to protect your personal data against unauthorized access, misuse, disclosure, loss, or destruction. These include but are not limited to:
– End-to-end encryption for data in transit and at rest.
– Role-based access controls and multi-factor authentication.
– Regular security audits, vulnerability scans, and penetration tests.
– Routine data back-ups to secure off-site storage systems.
– Ongoing employee training in data protection and privacy compliance.
7. International Data Transfers
Personal data collected through bestoftelaviv.com may be transferred, stored, and processed outside your country of residence, including in countries that may not have equivalent data protection laws. Where required, we implement Standard Contractual Clauses or other lawful mechanisms to ensure adequate protection consistent with the GDPR.
8. Data Retention
We retain personal data only as long as necessary for the purposes for which it was collected, including compliance with legal, regulatory, tax, accounting, or reporting requirements. Generally:
– Usage and Technical Data: Retained for up to 12 months for analytics and site integrity.
– Account and Profile Data: Retained while your account is active and for up to 3 years post-termination.
– Transaction Data: Kept for 7 years for audit and compliance.
– Communication Data: Retained for 2 years to support customer service review.
– Preference Data: Stored indefinitely or until consent is withdrawn.
When data is no longer necessary, we securely delete or anonymize it.
9. Cookie Policy
Our website uses cookies and similar technologies to provide, enhance, and analyze the use of our services. Cookies fall under the following categories:
– Essential Cookies: Required for basic website operation, such as login session tracking and consent management.
– Functional Cookies: Enable personalization and remember user choices to improve experience.
– Analytics Cookies: Used to gather statistical information about site traffic, commonly via third-party services like Google Analytics.
– Performance Cookies: Monitor site performance and optimize functionality and load time.
10. Cookie Management and Compliance with GDPR & CCPA
We honor “Do Not Track” signals and provide cookie consent banners to users within the EU in compliance with GDPR and globally, as applicable. You can manage your cookie preferences directly through your browser settings or by utilizing the cookie consent tool presented upon first visit to bestoftelaviv.com.
Under CCPA, California residents can opt out of the “sale” of personal data via a dedicated “Do Not Sell My Information” link, which we provide where applicable. We do not knowingly sell personal information in a manner that exposes user identity to third parties for monetary gain.
11. Children’s Data
Bestoftelaviv.com is not intended for use by children under the age of 13, and we do not knowingly collect or process personal data related to individuals within this age group. If we learn that we have unintentionally collected data from a child under 13, we will take immediate steps to delete such information.
12. Policy Updates and Notifications
We may update this Privacy Policy to reflect changes in legal requirements, technological advancements, or our privacy practices. All changes will be posted on this policy page. In the event of material changes affecting your rights, you will be notified either via email (if known to us) or through prominent notification on bestoftelaviv.com.
13. Contact Us
If you have questions or concerns regarding this Privacy Policy or our handling of your personal data, please contact us via:
Email: [email protected]
We are committed to resolving any privacy concerns you may have in a fair and prompt manner.
—
We value your trust and are dedicated to maintaining compliance with applicable privacy laws. To ensure your privacy and data integrity, feel free to contact us at any time regarding your rights, preferences, or data protection concerns.