Privacy Policy
Privacy Policy
PyChicken LLC Effective Date: [DATE] Last Updated: [DATE]
1. Introduction
PyChicken LLC ("PyChicken," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and protect information about you when you visit pychicken.com (the "Website") or use our services.
This policy is designed to comply with applicable privacy laws, including the EU General Data Protection Regulation ("GDPR"), the California Consumer Privacy Act ("CCPA") as amended by the California Privacy Rights Act ("CPRA"), and other applicable data protection laws.
Please read this Privacy Policy carefully. By using the Website or our services, you acknowledge the practices described herein.
2. Who We Are
PyChicken LLC is the data controller for personal data collected through the Website.
Contact: PyChicken LLC [Registered Address — to be inserted] Email: privacy@pychicken.com
For EU/EEA residents, please note that PyChicken LLC is a US-based company. Data transfers to the US are made in reliance on applicable transfer mechanisms as described in Section 10.
3. Information We Collect
3.1 Information You Provide Directly
When you contact us, request a quote, or place an order, we may collect:
- Contact information: Name, email address, phone number, company name, billing address.
- Project information: Requirements, uploaded files, communications related to your project.
- Payment information: We do not store payment card details. Payment processing is handled by Stripe and PayPal, which are PCI-DSS compliant third-party processors (see Section 7).
- Communications: Emails, messages, and other correspondence you send us.
3.2 Information Collected Automatically
When you visit the Website, we and our third-party service providers (Google Analytics) automatically collect:
- Usage data: Pages visited, time spent on pages, links clicked, referral URLs.
- Device and technical data: IP address (anonymized where possible), browser type and version, operating system, device type, screen resolution.
- Cookies and similar technologies: As described in our Cookie Policy.
3.3 Information We Do Not Collect
We do not intentionally collect:
- Sensitive personal data (health, biometric, financial account numbers, government IDs, racial or ethnic origin, religious beliefs, sexual orientation).
- Personal data from children under 16 years of age. If we learn that we have collected personal data from a child under 16, we will delete it promptly.
4. How We Use Your Information
We use the information we collect for the following purposes:
| Purpose | Legal Basis (GDPR) |
|---|---|
| Providing and managing our Services | Performance of contract |
| Processing payments | Performance of contract |
| Responding to inquiries and support requests | Performance of contract / Legitimate interests |
| Sending service-related communications | Performance of contract |
| Improving our Website and Services | Legitimate interests |
| Analytics (understanding how visitors use the Website) | Legitimate interests / Consent (where required) |
| Marketing communications (blog updates, newsletters) | Consent |
| Complying with legal obligations (OFAC screening, tax) | Legal obligation |
| Enforcing our Terms of Service | Legitimate interests |
We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects on you.
5. Cookies and Analytics
5.1 Google Analytics
We use Google Analytics to understand how visitors interact with the Website. Google Analytics uses cookies to collect anonymized information about your visit. We have enabled IP anonymization (IP masking) in Google Analytics so that your full IP address is not transmitted to Google.
You can opt out of Google Analytics tracking by:
- Installing the Google Analytics Opt-out Browser Add-on
- Managing your cookie preferences via our Cookie Consent tool (where available)
For more information on how Google uses this data, see Google's Privacy Policy.
5.2 Other Cookies
For full details of the cookies we use, please see our Cookie Policy.
6. Sharing Your Information
We do not sell, rent, or trade your personal information to third parties for their marketing purposes.
We may share your information with:
6.1 Service Providers
We share personal data with trusted third-party service providers that process data on our behalf:
- Stripe, Inc. — payment processing. Stripe Privacy Policy
- PayPal Holdings, Inc. — payment processing. PayPal Privacy Policy
- Google LLC — analytics (Google Analytics). Google Privacy Policy
- Email/communication providers — operational communications.
- Hosting providers — Website infrastructure.
All service providers are contractually bound to process personal data only as instructed and in compliance with applicable data protection laws.
6.2 Legal Requirements
We may disclose your information if required to do so by law, regulation, legal process, or governmental request, including for OFAC compliance screening.
6.3 Business Transfers
In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred to the acquiring entity, subject to the same privacy protections.
6.4 Protection of Rights
We may disclose information where we believe it is necessary to protect the rights, property, or safety of PyChicken, our clients, or others.
7. Payment Processing
All payment transactions are processed by Stripe and/or PayPal. PyChicken does not store, process, or transmit credit card numbers or sensitive payment information. These processors are PCI-DSS Level 1 compliant. Please refer to Stripe's and PayPal's respective privacy policies for information on how they handle your payment data.
8. Data Retention
We retain personal data for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required by law.
| Data Type | Retention Period |
|---|---|
| Contact and project data | Duration of engagement + 5 years |
| Payment records | 7 years (tax and legal compliance) |
| Google Analytics data | 26 months (configurable) |
| Marketing consent records | Until consent is withdrawn + 3 years |
| Email communications | 3 years from last interaction |
When data is no longer needed, we securely delete or anonymize it.
9. Your Rights
9.1 Rights for EU/EEA Residents (GDPR)
If you are located in the EU or EEA, you have the following rights:
- Right of access: Request a copy of the personal data we hold about you.
- Right to rectification: Request correction of inaccurate or incomplete data.
- Right to erasure ("right to be forgotten"): Request deletion of your personal data, subject to legal retention requirements.
- Right to restriction: Request that we restrict processing of your data in certain circumstances.
- Right to data portability: Receive your data in a structured, machine-readable format.
- Right to object: Object to processing based on legitimate interests, including for direct marketing.
- Right to withdraw consent: Where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing.
- Right to lodge a complaint: Lodge a complaint with your local supervisory authority (e.g., your national Data Protection Authority).
9.2 Rights for California Residents (CCPA/CPRA)
If you are a California resident, you have the following rights:
- Right to know: Request information about the categories and specific pieces of personal information we collect, use, and disclose.
- Right to delete: Request deletion of your personal information, subject to certain exceptions.
- Right to correct: Request correction of inaccurate personal information.
- Right to opt-out of sale or sharing: We do not sell or share personal information as defined under the CCPA.
- Right to limit use of sensitive personal information: We do not collect sensitive personal information as defined under the CPRA.
- Right to non-discrimination: We will not discriminate against you for exercising your privacy rights.
To submit a CCPA request, contact us as described in Section 12. We will respond within 45 days (with a possible 45-day extension for complex requests).
9.3 Exercising Your Rights
To exercise any of your rights, please contact us at privacy@pychicken.com. We may need to verify your identity before fulfilling your request. We will respond within 30 days (GDPR) or 45 days (CCPA) of receiving a verifiable request.
10. International Data Transfers
PyChicken is based in the United States. If you are located outside the US, your personal data will be transferred to and processed in the US, where data protection laws may differ from those in your country.
For transfers of personal data from the EU/EEA to the US, we rely on:
- Standard Contractual Clauses (SCCs) as adopted by the European Commission, where applicable.
- Other lawful transfer mechanisms as recognized under Chapter V of the GDPR.
By using our Website and Services, you acknowledge that your data may be transferred to and processed in the United States.
11. Security
We implement reasonable and appropriate technical and organizational security measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures include:
- Encryption of data in transit (TLS/HTTPS)
- Access controls and authentication
- Regular review of security practices
However, no method of transmission over the internet or method of electronic storage is 100% secure. We cannot guarantee absolute security.
In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay in accordance with applicable law.
12. Third-Party Links
The Website may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before providing any personal information.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will post the updated policy on the Website with a new effective date. For material changes, we will provide additional notice (such as an email notification or a prominent notice on the Website) prior to the change becoming effective.
14. Contact Us
For privacy-related inquiries, requests, or complaints, please contact us at:
PyChicken LLC — Privacy [Registered Address — to be inserted] Email: privacy@pychicken.com
We aim to respond to all inquiries within 5 business days.
This Privacy Policy was last updated on [DATE].