Privacy Policy
Token Pathway Lab (“we,” “our,” or “us”), accessible at tokenpathwaylab.com, recognizes and respects the privacy rights of our users and is committed to protecting the personal data of visitors, users, and other individuals who engage with our digital services. This Privacy Policy explains how we collect, use, disclose, and safeguard personal data in accordance with applicable data protection laws, including the European Union’s General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
1. Commitment to Privacy and Data Protection
At Token Pathway Lab, your privacy and data protection are core to our operations. We design our services and internal policies to minimize data collection where possible, provide transparency in use, and uphold the rights of individuals as guaranteed under applicable data protection regulations. We handle all personal data with strict confidentiality and adopt industry-standard security protocols to keep your information safe.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all data collected through your interactions with our website (tokenpathwaylab.com), including any associated services, API access, customer support functions, or communication channels. For the purposes of GDPR, Token Pathway Lab is the data controller for personal data collected through tokenpathwaylab.com. This means we determine the purposes and methods of processing your personal data.
3. Categories of Data We Process
We may collect and process the following categories of personal data:
a) Usage Data
Includes data on how you access and use tokenpathwaylab.com, such as browser type, IP address, pages visited, time spent on the site, referring URLs, date and time stamps, clickstream data, and session identifiers.
b) Account Data
Data provided during account registration or while maintaining your account, including full name, email address, phone number, postal address, and login credentials.
c) Profile Data
Includes data related to your preferences, interests, behavior on the site, language selections, product purchase history, and customized settings.
d) Communication Data
Encompasses records of your correspondence with us, including support requests, email inquiries, chat logs, and communication history across our support systems.
e) Technical Data
Includes technical information about the devices you use to access our services, such as type/model of device, operating system, platform details, screen resolution, language preferences, and application version.
f) Transaction Data
Includes information relating to payments or purchases made through tokenpathwaylab.com, such as billing and shipping addresses, payment method details (masked), transaction timestamps, and order history.
g) Preference Data
Data concerning your marketing preferences, opt-in or opt-out status for non-essential communications, preferred product categories, notification settings, and consent regarding cookies and tracking technologies.
4. Legal Bases for Processing
We process your personal data based on the following lawful grounds, pursuant to Article 6 of the GDPR and CCPA requirements:
– Contractual necessity: to provide services or process transactions you request.
– Legitimate interests: such as enhancing our services, preventing fraud, or improving user experience.
– Legal obligation: to comply with legal and regulatory requirements.
– Consent: for specific processing activities where required by law, such as in the context of marketing communications or non-essential cookies.
You may withdraw your consent at any time without affecting the lawfulness of processing prior to withdrawal.
5. Your Rights Under Applicable Law
Depending on your jurisdiction and applicable law (including GDPR and CCPA), you may have the following rights:
– Right of Access: You may request access to your personal data and obtain a copy.
– Right to Rectification: You may request correction of inaccurate or incomplete data.
– Right to Erasure (“Right to Be Forgotten”): You may request deletion where permissible.
– Right to Restriction: You may request limitation of how your data is processed.
– Right to Data Portability: You may receive your data in a structured, machine-readable format and request transmission to another controller.
– Right to Object: You may object to processing based on legitimate interests or direct marketing.
– Right to Non-Discrimination: Under CCPA, you will not receive discriminatory treatment for exercising your privacy rights.
To exercise these rights, please contact us at: [email protected]. We may need to verify your identity before proceeding with your request.
6. Security Measures
We implement a combination of administrative, technical, and physical security measures designed to protect personal data from unauthorized access, disclosure, alteration, or destruction. These include, but are not limited to:
– End-to-end transport encryption (SSL/TLS)
– Access control protocols with role-based privileges
– Routine system audits and vulnerability assessments
– Secure cloud infrastructure partners with ISO-certified environments
– Staff privacy training, data confidentiality agreements, and mandatory security practices
While no method of transmission over the Internet or method of electronic storage is 100% secure, we strive to follow globally recognized best practices.
7. International Data Transfers
If we transfer personal data outside of the country where you reside, such transfers are performed in compliance with applicable laws. For EU and EEA residents, transfers are governed by approved Standard Contractual Clauses (SCCs) or other lawful mechanisms to ensure an equivalent level of protection. We take all reasonable measures to ensure recipients of personal data adhere to stringent data privacy standards.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, to comply with legal obligations, resolve disputes, enforce agreements, or for legitimate business interests. General retention timelines include:
– Account and Profile Data: Retained for the duration of your account, plus up to 6 years post-deactivation for compliance obligations.
– Transaction Data: Retained for 7 years for accounting and tax purposes.
– Communication Data: Retained for 2 years for support and service history.
– Preference and Marketing Data: Retained until you withdraw consent or delete your preferences.
– Usage and Technical Data: Retained for 12–36 months for analytics and security purposes.
9. Cookie Policy
Token Pathway Lab uses cookies and similar tracking technologies to enhance your online experience. Cookies are small data files stored on your device that help us measure site activity and customize user content. We classify cookies as follows:
– Essential Cookies: Required for core website functionality (e.g., session login, secure access).
– Functional Cookies: Enable enhanced features such as language preferences or form auto-fill.
– Analytics Cookies: Allow us to analyze how users interact with tokenpathwaylab.com so we can improve the experience.
– Performance Cookies: Monitor service efficiency, load times, and usage trends.
10. Cookie Management and Legal Compliance
Upon visiting tokenpathwaylab.com, you are presented with a cookie consent banner in accordance with GDPR and CCPA requirements. You may accept or decline non-essential cookies and adjust your preferences at any time. Most web browsers also allow control over cookie settings. To learn more or change your cookie settings, please visit our Cookie Settings page, accessible via our website footer.
11. Children’s Data Protection
Token Pathway Lab does not knowingly collect or solicit personal data from children under the age of 13. If we learn that a child under 13 has provided us with personal data without verifiable parental consent, we will promptly delete such information. Parents or guardians who believe their child may have submitted data to us are encouraged to contact us immediately at [email protected].
12. Policy Updates and Notifications
We may update this Privacy Policy from time to time in response to legal, regulatory, or operational requirements. When changes are material, we will make reasonable efforts to notify you—such as by email or a prominent notice on tokenpathwaylab.com. Your continued use of the website and services constitutes acceptance of the revised terms.
13. Contacting Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:
Email: [email protected]
We are committed to upholding your privacy rights and complying with all applicable data protection laws. Please do not hesitate to reach out with privacy concerns or rights requests at any time.