Privacy Policy for YouandN.com

1. Introduction

YouandN (“we,” “us,” or “our”) is committed to protecting the privacy and personal data of all users who interact with our website, located at youandn.com (the “Site”). We recognize the importance of safeguarding your personal information and are dedicated to maintaining your trust by upholding the highest standards of privacy, transparency, and security. Our privacy practices are designed to comply with applicable privacy legislation, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

2. Scope of This Policy and Role as Data Controller

This Privacy Policy applies to all personal information collected, used, stored, and shared when you access or interact with youandn.com, including when you create an account, browse our Site, or contact us. For purposes of the GDPR, YouandN is the “data controller” responsible for deciding how and why your personal information is processed. For California residents, YouandN is also considered a “business” under the CCPA.

3. Categories of Data We Process

We may collect and process the following categories of personal data about you:

a. Usage Data
Includes data concerning how you interact with our Site, such as your IP address, browser type and version, operating system, referral URLs, session duration, pages visited, and other diagnostics data.

b. Account Data
Includes information provided during account creation or profile setup, such as your full name, physical address, email address, phone number, and account credentials.

c. Profile Data
Includes information generated by your activity on our Site, including preferences, product interests, browsing behavior, wishlists, and shopping histories.

d. Communication Data
Includes messages or communications you send to us, including customer service inquiries, support requests, and contact history with our staff.

e. Technical Data
Includes device-specific identifiers and configurations, such as device type, operating system version, browser plug-in types, screen resolution, language settings, and mobile carrier.

f. Transaction Data
Includes details of purchases, order processing, delivery addresses, billing information, and payment confirmations (note: we do not store full payment card details).

g. Preference Data
Includes your marketing and communication preferences, user responses to surveys, and expressed interests in our products or services.

4. Legal Bases for Processing Personal Data

We rely on the following legal grounds under the GDPR to collect and process your personal information:

– Consent: When you affirmatively opt-in, such as providing consent for marketing emails or accepting cookies not essential for Site functionality.
– Contractual Necessity: Processing necessary for the performance of a contract, including fulfilling orders or providing services you request.
– Legitimate Interests: For purposes such as improving our Site functionality, preventing fraud, and securing your account, where these interests are not overridden by your rights.
– Compliance with Legal Obligations: To meet our legal, regulatory, or tax obligations.

Under the CCPA, we do not “sell” personal data in exchange for monetary value, but we may share data with service providers under strict contractual controls.

5. Your Rights

Under applicable legal frameworks, you have the following rights with respect to your personal data:

– Right of Access: You may request confirmation as to whether your data is being processed and request a copy of your information.
– Right to Rectification: You can ask us to correct or update inaccurate or incomplete data.
– Right to Erasure: In certain circumstances, you can request that we delete your personal data.
– Right to Restriction: You may request a temporary or permanent restriction of the processing of your data.
– Right to Data Portability: Where applicable, you may request that we transmit your data to another service in a structured, commonly used format.
– Right to Object: You may object to the processing of data when based on our legitimate interests or direct marketing.

To exercise these rights under the GDPR or the CCPA (e.g., right to know, delete, or opt-out), or to designate an authorized agent, please submit a request by contacting [email protected].

6. Security Measures

We employ a combination of technical and organizational safeguards to protect your personal data:

– End-to-end encryption of communications and sensitive data
– Robust access controls and multi-factor authentication for internal systems
– Regular system and data backups
– Staff training programs on security and data protection
– Continuous monitoring and intrusion prevention measures

While no system is fully secure, we strive to protect your information through industry best practices and continuous risk assessments.

7. International Data Transfers

If you access youandn.com from outside the country in which our service infrastructure is located, please note your data may be transferred internationally. For users in the European Economic Area (EEA), your data may be transferred outside the EEA under approved mechanisms such as Standard Contractual Clauses (SCCs) or other legally authorized safeguards to ensure it remains protected.

8. Data Retention

We retain personal data only as long as necessary to fulfill purposes for which it was collected, including:

– Usage and Technical Data: up to 12 months
– Account, Profile, and Communication Data: retained for the duration of your account and up to 36 months thereafter
– Transaction Data: retained for 7 years for tax and regulatory compliance
– Preference Data: retained until you update or withdraw your marketing preferences

We will securely dispose of or anonymize data once retained periods have expired unless legal or regulatory obligations require continued storage.

9. Cookie Policy

We use cookies and similar tracking technologies on youandn.com to improve user experience and provide essential functionality. Cookies may fall into the following categories:

– Essential Cookies: Required for the operation of our Site (e.g., login and security).
– Functional Cookies: Enable enhanced functionality such as language preferences or remembering login details.
– Analytical Cookies: Collect information on how visitors use the Site, helping us improve usability and performance.
– Performance Cookies: Track page load time and user engagement across devices and sessions.

10. Cookie Management and Compliance with GDPR & CCPA

Upon your first visit, you will be prompted to manage your cookie preferences in compliance with GDPR and CCPA standards. You have the right to accept or decline non-essential cookies and can amend these settings at any time through your browser or our Site’s cookie banner. You may also opt out of tracking by third-party analytics tools that we use, such as Google Analytics.

11. Children’s Privacy

Our Site is not intended for use by children under the age of 13. We do not knowingly collect or solicit personal data from individuals under the age of 13, nor do we market to them. If we become aware that we have collected data from a minor without appropriate consent, we will take immediate steps to delete such information.

12. Policy Updates and User Notifications

We reserve the right to modify or update this Privacy Policy at any time to reflect changes in legal requirements or our processing practices. Changes will be clearly communicated on this page or through notices posted within the Site. We encourage you to review this page periodically to remain informed of our privacy practices.

13. Contact Us

If you have any questions, requests, or concerns related to this Privacy Policy or how your personal data is handled, please contact us at [email protected].

We are committed to maintaining full compliance with applicable privacy laws and resolving any privacy concerns in a timely and transparent manner. Please do not hesitate to reach out if we can assist you in protecting your privacy.