GDPR Policy
At BestGold.Company (“Company,” “we,” “our,” or “us”), we are committed to protecting the personal data of individuals located in the European Economic Area (EEA) and the United Kingdom (UK) in compliance with the General Data Protection Regulation (GDPR) and the UK GDPR.
This GDPR Policy explains your rights as a data subject, how we collect and process your information, and how you may exercise your rights.
1. Data Controller
BestGold.Company is the Data Controller for personal data collected through:
- Our website: https://bestgold.company/
- Contact forms
- Newsletter sign-ups
- Customer accounts and orders
- Customer support interactions
If you have questions about your data, contact us:
BestGold.Company – Data Protection Officer (DPO)
📧 Email: [Insert DPO Email]
📍 Address: [Insert Business Address]
📞 Phone: [Insert Phone Number]
2. Types of Personal Data We Collect
We may collect and process the following categories of data:
2.1. Personal Identification Data
- Name
- Email address
- Phone number
- Postal address
2.2. Account & Login Information
- Username
- Password (encrypted)
2.3. Order & Transaction Data
- Billing address
- Shipping address
- Order history
- Partial payment information (via third-party processors)
2.4. Technical & Usage Data
- IP address (anonymized when possible)
- Browser type & version
- Device information
- Cookies and tracking data
- Access times and session information
2.5. Marketing Data
- Email subscription preferences
- Engagement with newsletters or promotions
2.6. Communication Data
- Customer support messages
- Emails and form submissions
3. Legal Basis for Processing Personal Data
Under GDPR, we process your personal data based on one or more of the following legal grounds:
3.1. Consent
Given when you:
- Subscribe to newsletters
- Accept cookies
- Request marketing communications
3.2. Contractual Necessity
For actions required to fulfill a contract, such as:
- Processing and delivering orders
- Managing your account
- Providing customer support
3.3. Legal Obligations
Required by law, such as:
- Tax and accounting compliance
- Fraud prevention
3.4. Legitimate Interests
For purposes including:
- Improving website performance
- Preventing abuse or security threats
- Conducting business analytics
We ensure legitimate interests do not override your rights.
4. How We Use Your Personal Data
We use your data to:
- Process orders and payments
- Deliver goods and services
- Provide customer support
- Manage user accounts
- Send transactional emails (confirmations, updates)
- Send marketing communications (only with consent)
- Improve website functionality and performance
- Detect and prevent fraud
- Comply with legal requirements
5. Data Sharing & Third-Party Processors
We may share personal data with trusted third parties, including:
- Payment processors
- Shipping and logistics providers
- Analytics services (e.g., Google Analytics)
- Marketing or email service providers
- Website hosting providers
- Security and fraud-prevention services
All third-party processors must:
- Comply with GDPR
- Handle data securely
- Use data only for the agreed purpose
- Not sell or misuse your data
We do not sell personal data to any third parties.
6. International Data Transfers
If your data is transferred outside the EEA or UK, we ensure proper safeguards such as:
- EU Standard Contractual Clauses (SCCs)
- Adequacy decisions
- Data Processing Agreements (DPAs)
Your data is protected regardless of server location.
7. Data Retention
We retain personal data only as long as necessary for:
- Fulfilling orders
- Legal compliance
- Security
- Business operations
Typical retention periods:
- Customer accounts: until deletion requested
- Order records: 6–10 years (for tax and legal compliance)
- Marketing data: until you withdraw consent
- Cookies: based on cookie type (see Cookie Policy)
8. Your GDPR Rights
If you are located in the EEA or UK, you have the following rights:
8.1. Right of Access
Request a copy of the personal data we hold about you.
8.2. Right to Rectification
Correct inaccurate or incomplete information.
8.3. Right to Erasure (“Right to Be Forgotten”)
Request deletion of your personal data when legally permissible.
8.4. Right to Restrict Processing
Request limits on how your data is used.
8.5. Right to Data Portability
Receive your data in a machine-readable format.
8.6. Right to Object
Object to certain processing activities, including marketing.
8.7. Rights Related to Automated Decision-Making
You may request human review of automated decisions.
8.8. Right to Withdraw Consent
You may withdraw consent for marketing or cookies at any time.
To exercise your rights, contact us:
📧 Email: [email protected]
We respond to GDPR requests within 30 days.
9. Security Measures
We implement appropriate technical and organizational measures such as:
- SSL encryption
- Secure servers
- Access control restrictions
- Regular security audits
- Data minimization
- Encrypted passwords
However, no method of transmission over the internet is fully secure.
10. Children’s Data
Our Site is not intended for children under 16.
We do not knowingly collect or process children’s personal data.
If you believe a minor has provided data, contact us so we can remove it.
11. Automated Decision-Making
We do not use automated decision-making that produces significant legal effects (e.g., credit scoring).
Some automated systems (such as fraud detection tools) may be used to protect our platform.
12. Changes to This GDPR Policy
We may update this GDPR Policy at any time. Changes are effective immediately upon posting with an updated “Last Updated” date.
13. Contact Us
For GDPR inquiries, complaints, or rights requests:
BestGold.Company – Data Protection Officer
Email: [email protected]
Address: 135 Weston Road, Suite 144, Weston, FL 33326
Phone: 954-494-9217
If unresolved, you may contact your local Data Protection Authority (DPA).