Privacy Policy
Introduction
This privacy policy has been compiled to better serve those who are concerned with how their ‘Personally Identifiable Information’ (PII) is being used online. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website.
NorthLadder Trading LLC will not pass any debit/credit card details to third parties.
NorthLadder Trading LLC takes appropriate steps to ensure data privacy and security including through various hardware and software methodologies. However, www.northladder.com cannot guarantee the security of any information that is disclosed online.
NorthLadder Trading LLC is not responsible for the privacy policies of websites to which it links. If you provide any information to such third parties, different rules regarding the collection and use of your personal information may apply. You may contact these entities directly if you have any questions about their use of the information that they collect.
Website Policies and Terms & Conditions may be changed or updated occasionally to meet requirements and standards. As such, customers are encouraged to visit these sections frequently to stay updated about changes on the website. Modifications will be effective on the day they are posted.
What personal information do we collect from people who visit our blog, website, or app?
When ordering or registering on our site, you may be asked to enter your name, email address, phone number, or other details to help you with your experience.
When do we collect information?
We collect information from you when you register on the site, subscribe to a newsletter, fill out a form or enter information on the site.
When you visit the site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some cookies that are installed on your device. Additionally, as you browse the site, we collect information about individual web pages or products that you view, what websites or search terms referred you to the site, and information about how you interact with the site. We refer to this automatically-collected information as device information.
We collect device information using the following technologies:
· Cookies are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies and how to disable them, visit https://www.allaboutcookies.org
· Log files track actions occurring on the site, and collect data including your IP address, browser type, internet service provider, referring/exit pages and date/time stamps
· Log files track actions occurring on the site, and collect data including your IP address, browser type, internet service provider, referring/exit pages and date/time stamps
How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
· To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested
· To process your transactions quickly
· To send periodic emails regarding your order or other products and services
· We do not send unsolicited emails to advertise our website
· When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services
How do we protect your information?
· We do not use vulnerability scanning and/or scanning to PCI standards
· We only provide articles and information
· We never ask for credit card numbers
· We use regular malware scanning
Your personal information is contained behind secured networks and is accessible only to a limited number of persons who have special access rights to such systems and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
To maintain the safety of information, we implement a variety of security measures when a user who places an order enters, submits, or accesses their information.
All transactions are processed through a gateway provider and are not stored or processed on our servers.
Do we use cookies?
Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information. We use cookies to help us remember and process the items in your shopping cart. They are also used to help us understand your preferences based on previous or current site activity, enabling us to provide you with improved services. We also use cookies to help us compile aggregated data about site traffic and site interaction so that we can offer better site experiences and tools in the future.
Third parties (such as AdRoll) may place cookies on their browsers for targeted advertising purposes.
We use cookies to:
· Understand and save the user’s preferences for future visits
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. This can be done through your browser settings. Go to your browser’s Help Menu to learn the correct way to modify cookies.
If you turn cookies off, it won’t affect the user experience.
YOUR RIGHTS & PREFERENCES AS A DATA SUBJECT Subject to the GDPR and applicable law’s limitations, the rights afforded to you as a data subject are:
- RIGHT TO BE INFORMED : You have a right to be informed about the manner in which any of your personal data is collected or used which we have endeavored to do by way of this Policy.
- RIGHT OF ACCESS : You have a right to access the personal data you have provided by requesting us to provide you with the same.
- RIGHT TO RECTIFICATION : You have a right to request us to amend or update your personal data if it is inaccurate or incomplete.
- RIGHT TO ERASURE : You have a right to request us to delete your personal data.
- RIGHT TO RESTRICT : You have a right to request us to temporarily or permanently stop processing all or some of your personal data.
- RIGHT TO OBJECT : You have a right, at any time, to object to our processing of your personal data under certain circumstances. You have an absolute right to object to us processing your personal data for the purposes of direct marketing.
- RIGHT TO DATA PORTABILITY : You have a right to request us to provide you with a copy of your personal data in electronic format and you can transmit that personal data for using another third-party’s product/service.
- RIGHT NOT TO BE SUBJECT TO AUTOMATED DECISION-MAKING : You have a right to not be subject to a decision based solely on automated decision making, including profiling.
In case you want to exercise the rights set out above you can contact our Grievance Officer whose details are set out in Section below.
The data provided by you as a Visitor, or when you sign up as a Customer / User or register for our Services will be processed by us for the purpose of rendering Services to you or in order to take steps prior to rendering such Services, at your request. Where such data is not being used by us to render Services to you, we shall explicitly seek your consent for using the same. You can choose to withdraw this consent at any time.
Additionally, we may process your data to serve legitimate interests.
Accordingly, the grounds on which we can engage in processing are as follows:
| NATURE OF DATA | GROUNDS |
|---|---|
| Visitor Data | Consent;Performance of a Contract; andLegitimate Interest |
| Account Registration Data | Compliance with applicable laws;Legitimate Interest |
| Service Usage Data | Performance of a Contract; andLegitimate Interest |
| Data for Marketing our Services | Consent; andLegitimate Interest |
If you believe we have used your personal data in violation of the rights above or have not responded to your objections, you may lodge a complaint with your local supervisory authority.
Additionally, please note:
- If you are a Customer/User using one of our Services to collect data about an EU data subject from third parties, it shall be your sole obligation to inform such data subject about the source of such data; and
- We do not collect any Special Categories of Personal Data. Further, if you are a Customer/User, you hereby agree and acknowledge that you shall not, under any circumstances, whether directly or indirectly, use our Services to collect or process Special Categories of Personal Data or transfer to us any such data.
- The term “Special Categories of Personal Data” shall have the meaning ascribed to it under the GDPR and shall include, without limitation, data pertaining to a data subject’s race, ethnic origin, genetics, political affiliations, biometrics, health or sexual orientation.
SECURITY OF YOUR PERSONAL INFORMATION
We implement industry-standard technical and organizational measures by using a variety of security technologies and procedures to help protect your data from unauthorized access, use, loss, destruction or disclosure. When we collect particularly sensitive data it is encrypted using industry-standard cryptographic techniques including but not limited to SSL, TLS, RSA, and AES.
We adhere to the ISO/IEC 27001:2022 standard, an internationally recognized framework for Information Security Management Systems (ISMS). Our commitment to ISO 27001 ensures that we follow rigorous security practices and maintain high standards for information security.
In compliance with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, we adhere to the following reasonable security practices and procedures to protect your personal data:
| Measure | Description |
|---|---|
| Access Control | We ensure that access to personal data is granted only to authorized personnel on a need-to-know basis and that such access is logged and monitored. |
| Data Encryption | Sensitive personal data is encrypted both in transit and at rest using strong encryption methods such as AES-256. |
| Network Security | We employ secure network architecture, including firewalls and intrusion detection systems, to prevent unauthorized access. |
| Regular Audits | We conduct regular security audits and assessments to identify potential vulnerabilities and ensure compliance with our security policies. |
| Incident Management | We have established protocols for managing and responding to security incidents, including data breaches, to mitigate any potential impact on your personal data. |
| Employee Training | We conduct regular training programs for our employees to ensure they are aware of and comply with our security policies and procedures. |
| Third-Party Compliance | We ensure that any third-party service providers who handle personal data on our behalf adhere to equivalent security standards and practices. |
| Physical and Environmental Security | We have implemented robust physical security controls to protect our data centers and other facilities from unauthorized access, damage, and interference. |
| Business Continuity Management | We have developed and tested business continuity plans to ensure the availability of critical information and systems in the event of a disruption. |
| Risk Assessment and Treatment | We conduct regular risk assessments to identify potential security threats and vulnerabilities, and implement appropriate risk treatment plans to mitigate identified risks. |
| Audit and Compliance | We conduct regular internal and external audits to ensure compliance with ISO 27001 standards and continuously improve our ISMS. |
GRIEVANCE OFFICER
The name and contact details of our Grievance Officer, who you may contact if you have any concerns, complaints or feedback pertaining to this Policy, are as follows:
| EMAIL: | dpo@northladder.com |