This Privacy Policy outlines how nasrallah.io (“we”, “us”, “our”) collects, processes, safeguards, and governs your data across our digital ecosystem. Straightforward, compliant, and low-drama.

1. Who We Are

Website: https://nasrallah.io
Operator: Nasrallah.io
Contact: hi@nasrallah.io

2. What Personal Data We Collect & Why

We collect data to run the site, fulfill your orders, operate our digital products, and comply with global data standards. The categories include:

Account & Profile Data
  • Name, email, username, preferences.
    Why: Account creation, authentication, personalization.

Transactional Data

  • Orders, billing details, payment confirmations.
    Why: Order fulfillment, receipts, tax compliance.

Technical Data

  • IP address, browser type, cookies, device data, session logs.
    Why: Security, fraud prevention, website optimization.

Contact Form Data

  • Name, email, message content.
    Why: Customer service.
    We do not use contact form data for marketing unless you opt in.

Sensitive Data

We do not knowingly collect sensitive personal data unless explicitly provided and consented to.

3. Comments

When visitors leave comments, we collect:

  • Comment form data

  • IP address

  • Browser user agent

4. Media

If you upload images, avoid including embedded location data (EXIF GPS metadata). Visitors to the site can extract this information from the images.

5. Cookies

We use cookies to maintain site functionality and improve UX. Examples:

  • Comment cookies: Save your details for future comments. Duration: 1 year.

  • Login cookies: Track login status and screen preferences. Duration: 2 days – 1 year.

  • “Remember Me” cookie: 2 weeks.

  • Editor cookies: Track posts you edit. Duration: 1 day.

  • WooCommerce cookies: Cart, checkout sessions, recently viewed products.

Your browser settings let you manage or block cookies. Some features may break—fair warning.

6. Embedded Content

Third-party embeds (videos, images, posts) behave as if you’re visiting their website.
They may:

  • Collect data

  • Use cookies

  • Track your interactions

We do not control third-party tracking.

7. Analytics

We may use analytics tools to understand traffic patterns.
Analytics providers may set cookies or capture anonymized data.
Users can opt out via browser-level “Do Not Track” controls.

8. WooCommerce – What We Collect During Checkout

We Track
  • Viewed products

  • IP address & browser info

  • Shipping/billing address

  • Cart contents

During Purchase We Collect
  • Name

  • Billing & shipping addresses

  • Email & phone number

  • Payment details

  • Optional account data

We Use This To
  • Process and deliver orders

  • Manage accounts

  • Prevent fraud

  • Meet tax and legal obligations

  • Improve store operations

  • Send marketing messages (only if you opt in)

9. Who On Our Team Has Access

Administrators and Shop Managers can access:

  • Order details

  • Customer information

They access this data solely to manage orders, refunds, and support.

10. Who We Share Your Data With

We share data only with trusted third parties necessary for operations:

  • Payment processors

  • Shipping/logistics providers

  • Cloud hosting & email services

  • Analytics partners

All partners operate under compliant privacy frameworks.

Payments:
If PayPal or other gateways are used, your payment data is shared only for transaction processing.
PayPal Policy: https://www.paypal.com/webapps/mpp/ua/privacy-full

11. How Long We Retain Data

  • Comments: Indefinitely

  • User accounts: Stored until deleted

  • Orders & transaction records: As required by tax/accounting laws

  • Contact form submissions: Up to 6 months

  • Analytics logs: Up to 12 months

12. Your Data Rights

You may request:

  • An export of your personal data

  • Correction of your data

  • Deletion of your data

  • Removal of marketing preferences

We must retain certain data for legal, security, and auditing requirements.

13. Data Transfers Outside the EU

Data may be processed outside the EU (e.g., cloud hosting).
Safeguards include:

  • Standard Contractual Clauses

  • GDPR-compliant processors

  • Industry-grade security protocols

14. How We Protect Your Data

We employ:

  • Encryption in transit & at rest

  • Access controls & MFA

  • Firewall and anti-malware systems

  • Secure payment gateways

  • Staff training on data protection practices

15. Data Breach Procedures

We maintain:

  • Incident logging

  • Rapid response protocols

  • Internal reporting workflows

  • Notification procedures when legally required

16. Third-Party Data Sources

If third-party platforms provide data (e.g., payment verification, analytics), it is processed in line with this policy.

17. Automated Decision-Making & Profiling

We may use automated systems for:

  • Fraud detection

  • Personalized recommendations

  • Marketing segmentation (only with consent)

18. Industry Regulatory Disclosures

If operating under additional sector regulations (e.g., e-commerce, financial compliance), we adhere to applicable requirements.

19. Contact Information

For privacy inquiries or data requests:
hi@nasrallah.io