Legal

Privacy Policy

How we collect, use, and protect your personal information.

Last Updated: Applies to: shineiradiantia.world

1. Introduction

Shineiradiantia ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website shineiradiantia.world.

We comply with applicable US federal and state privacy laws, including the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), the California Online Privacy Protection Act (CalOPPA), the Virginia Consumer Data Protection Act (VCDPA), the Colorado Privacy Act (CPA), the Connecticut Data Privacy Act (CTDPA), and the Utah Consumer Privacy Act (UCPA). We also comply with the General Data Protection Regulation (GDPR) for visitors from the European Economic Area. By using our website, you consent to the data practices described in this policy.

2. Data Controller Information

The data controller responsible for your personal data is:

Shineiradiantia
401 Dorset St, South Burlington, VT 05403, United States
Phone: +1 802 860 1212
Email: response@shineiradiantia.world

3. Information We Collect

3.1 Information You Provide

We collect information you voluntarily provide when you:

  • Fill out our contact form (name, email address, message content)
  • Subscribe to communications
  • Interact with our website in ways that require your input

3.2 Automatically Collected Information

When you visit our website, we may automatically collect:

  • IP address (anonymized where required by law)
  • Browser type and version
  • Operating system
  • Pages visited and time spent
  • Referring website
  • Device information

3.3 Categories of Personal Information (CCPA/CPRA)

Under the CCPA/CPRA, the categories of personal information we may collect include:

  • Identifiers: Name, email address, IP address
  • Commercial information: Records of products or services obtained (if applicable)
  • Internet or network activity: Browsing history, search history, interactions with our website
  • Geolocation data: General location derived from IP address
  • Professional or employment information: Information you provide in inquiries

We do not collect sensitive personal information as defined by the CPRA, nor do we collect biometric information, precise geolocation data, or genetic data.

4. Legal Basis for Processing

We process your personal data based on the following legal grounds (where applicable under GDPR):

  • Consent: When you have given explicit consent for specific purposes
  • Legitimate Interests: When processing is necessary for our legitimate business interests, provided these do not override your rights
  • Legal Obligation: When we are required to process data to comply with legal requirements

For US residents, our processing is based on your consent (where required by applicable state law), contractual necessity, legitimate business interests, or compliance with legal obligations, depending on the specific processing activity and the state laws that apply to you.

5. How We Use Your Information

We use the collected information for the following purposes:

  • To respond to your inquiries and provide customer support
  • To improve our website and user experience
  • To analyze website usage and trends
  • To send communications you have requested
  • To comply with legal obligations
  • To protect our rights and prevent misuse

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

  • Contact form submissions: Up to 2 years after your last interaction
  • Analytics data: Up to 26 months
  • Cookie consent preferences: Up to 12 months

After these periods, your data will be securely deleted or anonymized.

7. Your Privacy Rights

7.1 Rights Under GDPR (EEA Residents)

If you are located in the European Economic Area (EEA), you have the following rights:

  • Right of Access: Request a copy of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Request limitation of data processing
  • Right to Data Portability: Receive your data in a structured format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time

7.2 Rights for US Residents

California Residents (CCPA/CPRA):

  • Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected about you, the categories of sources, the business or commercial purposes for collecting it, and the categories of third parties to whom we disclose it
  • Right to Delete: Request deletion of your personal information, subject to certain exceptions
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Opt-Out of Sale or Sharing: We do not sell your personal information. We do not share personal information for cross-context behavioral advertising. If this changes, we will update this policy and provide an opt-out mechanism
  • Right to Limit Use of Sensitive Personal Information: We do not collect sensitive personal information as defined by the CPRA
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights
  • Shine the Light: California Civil Code Section 1798.83 permits California residents to request information regarding the disclosure of personal information to third parties for direct marketing purposes. We do not disclose personal information to third parties for direct marketing purposes

Other State Privacy Rights: Residents of Virginia, Colorado, Connecticut, and Utah may have similar rights to access, correct, delete, and opt out of the processing of their personal data for targeted advertising or profiling. To exercise these rights, please contact us using the information below.

To exercise any of these rights, please contact us using the information provided in Section 14. We will respond within the timeframe required by applicable law (typically 45 days for CCPA/CPRA requests, with a possible 45-day extension). You may also designate an authorized agent to make a request on your behalf.

We will verify your identity before processing your request. This may require you to provide information sufficient to allow us to reasonably verify you are the person about whom we collected personal information.

8. CCPA/CPRA Disclosures

The following disclosures are provided pursuant to the CCPA/CPRA:

  • Categories of personal information collected: See Section 3.3 above
  • Sources of personal information: Directly from you (contact form) and automatically (through cookies and server logs)
  • Business or commercial purposes: To provide and improve our website, communicate with you, analyze usage, and comply with legal obligations
  • Categories of third parties: Web hosting providers, analytics providers (with your consent), and content delivery networks. We do not sell personal information

Notice of Financial Incentive: We do not offer any financial incentives for the collection, retention, or sale of personal information.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • HTTPS encryption for all data transmission
  • Secure server infrastructure
  • Regular security assessments
  • Access controls and authentication
  • Staff training on data protection

10. Third-Party Services

We may use third-party services that collect, monitor, and analyze data. These services have their own privacy policies. Current third-party services include:

  • Web hosting providers
  • Analytics services (if enabled with your consent)
  • Content delivery networks

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. When we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

12. Children's Privacy

Our website is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 13 in compliance with the Children's Online Privacy Protection Act (COPPA) and similar state laws. If you believe we have collected data from a child under 13, please contact us immediately and we will promptly delete such information.

13. Changes to This Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated revision date. We encourage you to review this policy regularly.

14. Complaints

If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority. In the United States, you may contact the Federal Trade Commission (FTC) or your state Attorney General. For EU residents, you may contact your local Data Protection Authority.

California Residents: You may contact the California Attorney General's Office at https://oag.ca.gov/privacy.

15. Contact Us

For questions about this Privacy Policy or to exercise your rights, please contact us:

Shineiradiantia
401 Dorset St, South Burlington, VT 05403, United States
Phone: +1 802 860 1212
Email: response@shineiradiantia.world

We will respond to verified requests within the timeframe required by applicable law. If you are an authorized agent submitting a request on behalf of a consumer, please provide proof of your authorization.