Privacy Policy & Data Protection Statement
Effective Date: November 17, 2025 | Last Updated: November 17, 2025
This Privacy Policy governs the collection, use, storage, and protection of personal information for users of cutiesbank.com ("Platform", "we", "us", or "our").
IMPORTANT: By accessing or using cutiesbank.com, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree with any aspect of this policy, please discontinue use of our Platform immediately.
Table of Contents
- Introduction & Scope
- Information We Collect
- How We Collect Information
- How We Use Your Information
- Legal Basis for Processing (GDPR)
- Information Sharing & Disclosure
- Data Retention & Storage
- Data Security Measures
- Your Privacy Rights
- Cookies & Tracking Technologies
- Third-Party Services
- Children's Privacy
- International Data Transfers
- Policy Changes & Updates
- Contact Information
1. Introduction & Scope
This Privacy Policy applies to all personal information collected through cutiesbank.com, including our website, mobile applications, APIs, and related services. We are committed to protecting your privacy and handling your personal information with transparency and care in compliance with applicable data protection laws, including:
- General Data Protection Regulation (GDPR) for European Union residents
- California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)
- Virginia Consumer Data Protection Act (VCDPA)
- Colorado Privacy Act (CPA)
- Other applicable national and regional privacy regulations
This policy describes our practices regarding the collection, use, disclosure, and protection of your information. It applies to all users, visitors, and individuals who interact with our Platform.
2. Information We Collect
We collect several categories of personal information, which may include:
A. Information You Provide Directly
- Account Information: Username, email address, password (hashed), profile picture, display name
- Profile Information: Biography, location, preferences, settings, communication preferences
- Content Information: Uploaded files, comments, messages, metadata associated with content
- Communication Data: Support requests, feedback, survey responses, contact form submissions
- Payment Information: Billing address, transaction history (processed through secure third-party processors)
B. Information Collected Automatically
- Usage Data: Pages visited, time spent, features used, search queries, clickstream data
- Device Information: Device type, operating system, browser type, screen resolution, language settings
- Connection Information: IP address, internet service provider, referring/exit pages
- Location Data: Approximate geographic location (derived from IP address or device settings)
- Log Data: Server logs, error reports, performance metrics, diagnostic information
C. Information from Third Parties
- Social Media: Information from connected social media accounts (with your permission)
- Service Providers: Analytics data, advertising information, fraud detection data
- Public Sources: Information from publicly available sources for verification purposes
D. Cookies and Similar Technologies
- Essential Cookies: Required for platform functionality and security
- Performance Cookies: Analytics and performance monitoring
- Functionality Cookies: Remember preferences and settings
- Advertising Cookies: Targeted advertising (with consent where required)
- Local Storage: HTML5 local storage for enhanced functionality
3. How We Collect Information
We collect information through various methods:
- Direct Interactions: When you register, create content, communicate with us, or use platform features
- Automated Technologies: Through cookies, web beacons, tracking pixels, and server logs
- Third Parties: From analytics providers, advertising networks, and security services
- Publicly Available Sources: From public databases, social media platforms, and open government data
- User Contributions: Content you voluntarily upload, post, or share on the Platform
4. How We Use Your Information
We use collected information for the following purposes:
| Purpose | Types of Information Used | Legal Basis (where applicable) |
|---|---|---|
| Service Provision To provide, maintain, and improve our Platform |
Account info, usage data, device info | Contractual necessity, legitimate interest |
| Account Management To create and manage user accounts |
Registration data, profile info | Contractual necessity |
| Content Delivery To process, store, and display user content |
Uploaded content, metadata | Contractual necessity |
| Communication To respond to inquiries and send service notifications |
Contact info, communication history | Contractual necessity, legitimate interest |
| Personalization To customize user experience and recommendations |
Usage data, preferences, browsing history | Consent, legitimate interest |
| Security & Protection To detect and prevent fraud, abuse, and security threats |
IP address, device info, usage patterns | Legitimate interest, legal obligation |
| Analytics & Improvement To analyze platform usage and improve services |
Aggregated usage data, analytics | Legitimate interest |
| Legal Compliance To comply with legal obligations and respond to legal requests |
All relevant information as required | Legal obligation |
| Marketing To send promotional communications (with consent) |
Contact info, preferences | Consent |
5. Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA), we process personal data based on the following legal grounds:
- Contractual Necessity: Processing necessary for performing our contract with you (providing services)
- Legitimate Interests: Processing necessary for our legitimate business interests, balanced against your rights
- Consent: Processing based on your explicit consent for specific purposes (marketing, certain cookies)
- Legal Obligation: Processing necessary to comply with legal requirements
- Vital Interests: Processing necessary to protect someone's life (emergency situations)
- Public Interest: Processing necessary for tasks in the public interest
You have the right to withdraw consent at any time where consent is the legal basis for processing. Withdrawal does not affect the lawfulness of processing before withdrawal.
6. Information Sharing & Disclosure
We may share your information in the following circumstances:
7. Data Retention & Storage
We retain personal information only as long as necessary for the purposes outlined in this policy:
| Data Type | Retention Period | Basis |
|---|---|---|
| Account Information | While account is active + 2 years after deactivation | Contract, legal requirements |
| Content Uploads | While account is active + 90 days after deletion | Service provision, user access |
| Communication Data | 3 years from last communication | Legal, service improvement |
| Usage Logs | 12 months from collection | Security, analytics |
| Payment Information | 7 years from transaction (as required by tax laws) | Legal obligation |
| Marketing Data | Until consent withdrawal + 30 days | Consent management |
We implement automated and manual processes to delete or anonymize data that is no longer needed. Some information may be retained longer when required by law or for legitimate business purposes.
8. Data Security Measures
We implement comprehensive security measures to protect your information:
Technical Security
- Encryption: Data in transit (TLS/SSL) and at rest (AES-256 encryption)
- Access Controls: Role-based access, multi-factor authentication for staff
- Network Security: Firewalls, intrusion detection systems, DDoS protection
- Regular Audits: Security assessments, vulnerability scanning, penetration testing
- Data Backup: Regular encrypted backups with disaster recovery plans
Organizational Security
- Employee Training: Regular privacy and security training for all staff
- Security Policies: Comprehensive information security policies and procedures
- Incident Response: Documented incident response plan for data breaches
- Vendor Management: Due diligence and contractual obligations for third parties
Note: While we implement robust security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but commit to promptly investigating and addressing any suspected security breaches.
9. Your Privacy Rights
Depending on your jurisdiction, you may have the following rights regarding your personal information:
Right to Access
Request a copy of the personal information we hold about you.
Right to Rectification
Request correction of inaccurate or incomplete information.
Right to Erasure (Right to be Forgotten)
Request deletion of your personal information under certain conditions.
Right to Restriction
Request temporary restriction of processing in specific circumstances.
Right to Data Portability
Receive your information in a structured, machine-readable format.
Right to Object
Object to processing based on legitimate interests or for direct marketing.
Right to Withdraw Consent
Withdraw consent at any time where processing is based on consent.
Right to Non-Discrimination
Not be discriminated against for exercising privacy rights (CCPA).
Right to Opt-Out of Sale/Sharing
Opt-out of sale or sharing of personal information (CCPA/CPRA).
Right to Limit Sensitive Information
Limit use of sensitive personal information (CPRA).
Exercising Your Rights: To exercise any of these rights, please contact us using the information in Section 15. We may need to verify your identity before processing certain requests. We aim to respond to valid requests within 30 days, as required by applicable laws.
10. Cookies & Tracking Technologies
We use cookies and similar technologies for various purposes:
Cookie Management: Most browsers allow you to control cookies through settings. You can usually modify browser settings to decline cookies or receive notifications when cookies are being sent. However, disabling certain cookies may affect platform functionality.
Do Not Track: Our Platform does not currently respond to "Do Not Track" signals. However, we provide other privacy controls as described in this policy.
11. Third-Party Services
Our Platform may contain links to or integrations with third-party services. This Privacy Policy does not apply to third-party services, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services you use.
Common Third-Party Services:
- Analytics providers (Google Analytics, etc.)
- Advertising networks
- Social media platforms
- Payment processors
- Cloud service providers
12. Children's Privacy
cutiesbank.com is not intended for children under the age of 18 (or the age of majority in your jurisdiction). We do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18, we will take steps to delete that information promptly.
If you believe we might have any information from or about a child under 18, please contact us immediately using the information in Section 15.
13. International Data Transfers
Your information may be transferred to, stored, and processed in countries other than your country of residence. These countries may have data protection laws that differ from your country's laws.
When we transfer information internationally, we implement appropriate safeguards as required by applicable laws:
- Standard Contractual Clauses approved by the European Commission
- Privacy Shield certification (where applicable)
- Binding Corporate Rules
- Other legally recognized transfer mechanisms
By using our Platform, you consent to the transfer of your information to countries outside your country of residence, including the United States.
14. Policy Changes & Updates
We may update this Privacy Policy periodically to reflect changes in our practices, services, or legal requirements. We will notify you of material changes by:
- Posting the updated policy on this page with a new "Last Updated" date
- Sending email notifications to registered users (for significant changes)
- Displaying prominent notices on the Platform (for major updates)
We encourage you to review this Privacy Policy periodically to stay informed about our information practices. Your continued use of the Platform after changes constitutes acceptance of the updated policy.
15. Contact Information
For privacy-related questions, concerns, or to exercise your privacy rights, please contact us:
Privacy Officer / Data Protection Officer
cutiesbank.com
[Company Legal Address]
Email: [email protected]
Phone: [Privacy Department Phone]
Data Protection Authority: If you are in the EEA and believe we have not addressed your privacy concerns, you have the right to lodge a complaint with your local data protection authority.
For general support inquiries, please visit our Support Page.
This Privacy Policy was last updated on November 17, 2025, and is effective immediately.