Privacy Policy

At K-MASA (“we,” “us,” or “our”), accessible via k-masa.com (the “Website”), we are firmly committed to protecting your personal information and respecting your privacy rights. We understand the importance of transparency in handling your data and are dedicated to safeguarding your privacy in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

1. Introduction

We place a high priority on maintaining the confidentiality and security of the personal data you provide us. This Privacy Policy explains in detail how we collect, use, store, share, and protect personal data obtained through the Website. It also outlines your legal rights and choices regarding your personal information.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all visitors to and users of k-masa.com and governs the processing of personal data that you provide or that we collect in the course of providing services, features, and communications through the Website. For the purposes of GDPR and other applicable privacy regulations, K-MASA is the data controller of your personal data.

3. Categories of Data We Process

We may collect and process the following categories of personal data:

a. Usage Data: Includes information automatically collected about your interaction with the Website such as IP address, browser type, referral/exit pages, session duration, clicks, pages viewed, and the date/time of access.

b. Account Data: Includes your first and last name, email address, postal address, phone number, login credentials, and other identifiers you provide when registering for an account.

c. Profile Data: Includes your purchase history, preferences, saved items, behavioral patterns, and interests relevant to our services.

d. Communication Data: Includes the contents of messages you send to us, including support requests, emails, chat transcripts, and customer service records.

e. Technical Data: Includes information about user devices such as operating system, device make/model, device identifier, system settings, and screen resolution.

f. Transaction Data: Includes billing details, delivery addresses, payment method data (limited to the extent permitted under PCI DSS compliance), and order history.

g. Preference Data: Includes marketing preferences, subscription status, feedback, product interests, and opt-in/opt-out indicators.

4. Legal Bases for Processing

We process your personal data on one or more of the following legal bases as established under the GDPR and similar applicable laws:

– Consent: Where you have provided your explicit consent for us to process your personal information for specific purposes (e.g., newsletter subscriptions).
– Contractual Obligation: Where processing is necessary to fulfill our contractual obligations to you (e.g., processing transactions and delivering purchases).
– Legal Obligation: Where we are required to process data to comply with legal and regulatory requirements.
– Legitimate Interests: Where data processing is necessary for our legitimate interests, provided those interests are not overridden by your privacy rights (e.g., for internal analytics, fraud prevention, or service improvements).

5. Your Data Protection Rights

Depending on your location and applicable law, you have the following rights regarding your personal data:

– Right of Access – You have the right to request details of the personal data we hold about you.
– Right to Rectification – You may request correction of inaccurate or incomplete data.
– Right to Erasure – You may request the deletion of your data, subject to certain legal exceptions.
– Right to Restrict Processing – You have the right to restrict how we process your data in limited circumstances.
– Right to Data Portability – You may request to receive your data in a structured, common, and machine-readable format and transmit it to another controller.
– Right to Object – You may object to processing of your data carried out on grounds of legitimate interests or for direct marketing purposes.
– Right Not to Be Subject to Automated Decision-Making – You have the right not to be subject to decisions based solely on automated processing.

To exercise any of the above rights, please contact us at: [email protected].

6. Security Measures

We implement and maintain appropriate technical and organizational security measures to protect your personal data, including:

– Data encryption in transit and at rest;
– Multi-factor authentication and access control protocols;
– Regular security assessments and vulnerability testing;
– Secure data storage and monitoring systems;
– Staff training on data protection best practices;
– Scheduled backups and disaster recovery processes.

7. International Data Transfers

If we transfer personal data outside the European Economic Area (EEA) or other countries with similar data protection regimes, such transfers are made in compliance with legal requirements, including:

– Use of Standard Contractual Clauses (SCCs) approved by the European Commission;
– Verification of the receiving party’s participation in certified frameworks (as applicable);
– Assessment of adequate levels of protection in the destination jurisdiction.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Retention periods differ by data category:

– Usage and Technical Data: Kept for up to 12 months for analytics and diagnostics;
– Account and Profile Data: Retained while your account remains active and for a further 6 years for compliance;
– Communication Data: Retained for 24 months after your last contact;
– Transaction Data: Maintained for 7 years for accounting and audit purposes;
– Preference Data: Retained until opt-out or periodic review (no longer than 24 months without refresh).

9. Cookie Policy

We use cookies and similar tracking technologies to enhance user experience on k-masa.com. Cookies are categorized as follows:

– Essential Cookies: Necessary for core website functionality such as log-in, shopping cart, and navigation;
– Functional Cookies: Enable enhanced features like remembering your preferences;
– Analytics Cookies: Help us understand visitor interactions and improve user experience (e.g., Google Analytics);
– Performance Cookies: Monitor technical performance and load times.

10. Cookie Management and Compliance

Upon your first visit to k-masa.com, a cookie consent banner allows you to opt in or out of non-essential cookies. You may manage your consent preferences at any time via our cookie settings interface or through your browser’s privacy controls.

For users in the European Union, we honor GDPR-compliant consent choices and provide transparent tracking information. For California residents, we provide a “Do Not Sell My Personal Information” mechanism as required under CCPA.

11. Children’s Privacy

Our services are not directed to children under 13 years of age. We do not knowingly collect or solicit personal data from any individual under the age of 13. If we learn that we have inadvertently collected data from a child under 13, we will take immediate steps to delete such information. Parents or guardians may contact us at [email protected] if they believe a child has provided us with personal information.

12. Updates to This Policy

We may revise this Privacy Policy periodically to reflect changes in legal requirements, our operations, or technology. Material changes that affect how your data is used will be communicated via appropriate means, such as notices on our Website or direct email, if applicable. We encourage users to review this Policy periodically to remain informed.

13. Contacting Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:

Email: [email protected]
Website: https://k-masa.com

We are fully committed to maintaining compliance with GDPR, CCPA, and all applicable data protection legislation. Should you have any concerns about your data or wish to exercise your rights, we invite you to reach out through the contact details provided.