At Obotoronika ("we," "our," or "us"), we respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

This privacy policy complies with the General Data Protection Regulation (GDPR) for users in the European Economic Area (EEA) and the California Consumer Privacy Act (CCPA) for California residents, as well as other applicable privacy laws in the United States.

Please read this privacy policy carefully. By using our website or services, you agree to the collection and use of information in accordance with this policy.

For users in the European Economic Area (EEA), we process your personal data based on the following legal grounds:

• Consent: When you have given clear consent for us to process your personal data for specific purposes
• Contract Performance: To perform a contract with you or to take steps at your request before entering into a contract
• Legal Obligation: To comply with our legal obligations (e.g., tax, accounting, or regulatory requirements)
• Legitimate Interests: For our legitimate business interests, such as improving our services, security, fraud prevention, and marketing (where permitted by law)
• Vital Interests: To protect your vital interests or those of another person

You have the right to object to processing based on legitimate interests. We will stop processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or for the establishment, exercise, or defense of legal claims.

We use the information we collect for the following purposes:

• To provide, maintain, and improve our services
• To process transactions and send related information
• To send you technical notices, updates, and support messages
• To respond to your comments, questions, and requests
• To monitor and analyze trends, usage, and activities
• To detect, prevent, and address technical issues and security threats
• To personalize your experience and deliver relevant content
• To comply with legal obligations and enforce our terms of service
• To send marketing communications (with your consent where required)
• To conduct research and analytics to improve our services

We may share your information in the following situations:

• Service Providers: We may share information with third-party service providers who perform services on our behalf (e.g., hosting, payment processing, analytics, customer support). These providers are contractually obligated to protect your information and use it only for the purposes we specify.
• Business Partners: We may share information with trusted business partners for joint marketing or service delivery, only with your consent where required.
• Business Transfers: In connection with any merger, sale, or acquisition of our business, your information may be transferred as part of the transaction.
• Legal Requirements: When required by law, court order, or government regulation, or to protect our rights, property, or safety, or that of our users or others.
• With Your Consent: When you have given us explicit permission to share your information.

We use industry-standard security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication mechanisms
• Secure data storage and backup procedures

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

We use cookies, web beacons, pixel tags, and similar tracking technologies to collect and store information about your preferences and activity on our website. Under GDPR and ePrivacy Directive, we require your consent for non-essential cookies.

Your personal information may be transferred to, and processed in, countries other than your country of residence. These countries may have data protection laws that differ from those in your country.

For transfers from the EEA to countries outside the EEA, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions by the European Commission
• Other appropriate safeguards as required by GDPR

By using our services, you consent to the transfer of your information to countries outside your country of residence, including the United States, where our servers and service providers may be located.

If you are located in the EEA, you have the following rights regarding your personal data:

• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete personal data
• Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data in certain circumstances
• Right to Restrict Processing: Request limitation of how we process your personal data
• Right to Data Portability: Receive your personal data in a structured, commonly used format and transmit it to another controller
• Right to Object: Object to processing of your personal data based on legitimate interests or for direct marketing
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
• Right to Lodge a Complaint: File a complaint with your local supervisory authority if you believe we have violated your rights

To exercise any of these rights, please contact us using the information in the "Contact Us" section. We will respond to your request within one month (or two months for complex requests) as required by GDPR.

If you are a California resident, you have the following rights:

• Right to Know: Request disclosure of the categories and specific pieces of personal information we collect, use, disclose, and sell (we do not sell personal information)
• Right to Delete: Request deletion of your personal information, subject to certain exceptions
• Right to Opt-Out: Opt-out of the sale of personal information (we do not sell personal information)
• Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights
• Right to Correct: Request correction of inaccurate personal information

To exercise your CCPA rights, please contact us using the information in the "Contact Us" section. We will verify your identity before processing your request and respond within 45 days (or 90 days for complex requests).

Regardless of your location, you generally have the right to:

• Access your personal information
• Correct inaccurate information
• Request deletion of your information (subject to legal requirements)
• Opt-out of marketing communications
• Update your account preferences

To exercise these rights, please contact us using the information provided in the "Contact Us" section below.

We will retain your personal information for as long as necessary to fulfill the purposes described in this privacy policy, unless a longer retention period is required or permitted by law. Our retention periods are based on:

• The nature of the personal information
• The purposes for which we process it
• Legal and regulatory requirements
• Statutes of limitations for potential legal claims

When we no longer need your personal information, we will securely delete or anonymize it in accordance with our data retention policies and applicable laws. In some cases, we may retain certain information in anonymized form for statistical and analytical purposes.

If you request deletion of your personal information, we will delete it within 30 days, unless we are required to retain it for legal purposes or have a legitimate business interest in retaining it.

In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and the relevant supervisory authority without undue delay, and in any event within 72 hours of becoming aware of the breach (as required by GDPR).

The notification will include:

• Description of the nature of the breach
• Categories and approximate number of individuals affected
• Likely consequences of the breach
• Measures taken or proposed to address the breach

For California residents, we will also comply with CCPA requirements for breach notification, which may include providing notice within specific timeframes as required by California law.

Our services are not directed to individuals under the age of 18 (or 16 in the European Economic Area). We do not knowingly collect personal information from children without appropriate parental consent.

For EEA Users: If you are under 16, you must have your parent's or guardian's consent to use our services. We will not process personal data of children under 16 without such consent.

For US Users: We comply with the Children's Online Privacy Protection Act (COPPA) and do not knowingly collect personal information from children under 13 without verifiable parental consent.

If you become aware that a child has provided us with personal information without appropriate consent, please contact us immediately, and we will take steps to delete such information in accordance with applicable laws.

We may update this privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on this page and updating the "Last updated" date. You are advised to review this privacy policy periodically for any changes.

Changes to this privacy policy are effective when they are posted on this page.

If you have any questions, concerns, or requests regarding this privacy policy or our data practices, please contact us: