Effective Date: August 20, 2024

1. Introduction

Welcome to CareTilt (“we”, “our”, “us”). At CareTilt, we prioritize your privacy and are dedicated to safeguarding your personal data. This Privacy Policy outlines how we collect, use, disclose, and protect your information when you use our website caretilt.com (the “Site”) and services. By using our Site, you agree to the terms of this policy.

2. Information We Collect

2.1 Personal Data
We may collect and process the following types of personal data:

• Contact Information: Name, email address, phone number.
• Account Information: Username, password, profile details, and preferences.
• Technical Data: IP address, browser type, operating system, device information, and usage data.

3. How We Use Your Data

We use your data for the following purposes:

• To Provide and Manage Our Services: To manage your account, process transactions, provide support, and improve our services.
• To Communicate with You: To send updates, newsletters, and promotional information (you can opt out at any time).
• To Enhance User Experience: To analyze usage patterns and improve our Site and services.
• To Comply with Legal Obligations: To meet legal and regulatory requirements.

4. Legal Basis for Processing

Under the GDPR, we process your personal data based on the following legal grounds:

• Consent: When you have given us explicit consent to process your data.
• Contract: When processing is necessary for the performance of a contract with you.
• Legal Obligation: When processing is required to comply with a legal obligation.
• Legitimate Interests: When processing is necessary for our legitimate interests, provided these do not override your data protection rights.

5. Data Sharing and Disclosure

We do not sell or rent your personal data. We may share your data in the following situations:

• With Service Providers: Third-party vendors who assist us in providing our services (e.g., payment processors, IT service providers) under strict confidentiality agreements.
• For Legal Reasons: When required by law, to enforce our policies, or to protect our rights and safety.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, where your data may be transferred as part of the transaction.

6. Data Security

We take the following measures to protect your personal data:

• Technical Measures: Encryption, secure servers, and firewall protections.
• Organizational Measures: Access controls, regular security audits, and employee training on data protection practices.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by law. Once data is no longer needed, it will be securely deleted or anonymized.

8. Your Data Protection Rights

Under the GDPR, you have the following rights:

• Access: The right to request a copy of your personal data.
• Rectification: The right to correct inaccurate or incomplete data.
• Erasure: The right to request deletion of your data under certain conditions.
• Restriction: The right to request restriction of processing your data under certain conditions.
• Portability: The right to receive your data in a structured, commonly used format and to transfer it to another data controller.
• Objection: The right to object to processing based on legitimate interests or direct marketing.

To exercise any of these rights, please contact us at our email address.

9. Changes to This Privacy Policy

We may update this Privacy Policy periodically. Changes will be posted on this page, and significant updates will be communicated to you via email or other means. Please review this policy regularly to stay informed about how we are protecting your data.

10. Contact Us

If you have any questions or concerns about this Privacy Policy or how we handle your personal data, please contact us at this email.