Introduction
This Global Privacy Policy (the "Policy") describes how ATHENA'S BEST® ("Company," "we," "our," or "us") collects, uses, discloses, and safeguards personal information across all current and future websites, subdomains, and online services (collectively, the "Services"). This Policy sets a global standard for privacy compliance and data protection in accordance with the highest international legal frameworks, including but not limited to the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the California Consumer Privacy Act and Privacy Rights Act (CCPA/CPRA), the Virginia Consumer Data Protection Act (VCDPA), the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA), and the Brazilian General Data Protection Law (LGPD). It applies to all users regardless of geographic location.
1. Scope and Applicability
This Policy applies to all visitors, customers, and users of our Services, and to all data collected online or offline through any form of interaction. By using our Services, you consent to the practices described herein.
2. Information We Collect
We collect personal data directly and automatically, including identifiers (name, email, phone number, address), commercial data (transactions, purchases, payment methods), biometric and health data (where applicable), geolocation, internet activity, behavioral analytics, device identifiers, and any other data required for lawful and legitimate business operations.
3. Automated and AI‑Based Processing
We utilize Artificial Intelligence and Machine Learning ("AI/ML") technologies to analyze behavioral data, enhance service personalization, detect fraud, and improve user experience. Automated decision‑making may influence personalized recommendations or fraud prevention mechanisms, never without appropriate human oversight and legal safeguards.
4. How We Use Information
We process data for legitimate business purposes: service delivery, account management, communication, compliance, analytics, marketing, personalization, and platform security. Processing is always grounded in a lawful basis under applicable law.
5. Disclosure and Data Sharing
We do not sell personal data. We share information only with trusted service providers, payment processors, affiliates, analytics vendors, and legal authorities when required by law. Each third‑party partner is contractually obligated to maintain equivalent data protection standards.
6. International Data Transfers
Data may be processed and stored in the United States and other jurisdictions. All transfers comply with GDPR Chapter V and equivalent safeguards through Standard Contractual Clauses, adequacy decisions, or binding corporate rules.
7. Data Retention
Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected or as required by law. Retention schedules are periodically reviewed for compliance and minimization.
8. Children's Privacy
We comply with the Children's Online Privacy Protection Act (COPPA) and do not knowingly collect data from children under 13 years old (or 16 in applicable jurisdictions) without verifiable parental consent. Parents may contact us to review or delete their child's data at any time.
9. Your Rights
Depending on your jurisdiction, you may have the right to access, correct, delete, restrict processing, object to processing, port your data, or withdraw consent. Requests can be submitted using the contact information below.
10. Security and Safeguards
We employ administrative, technical, and physical safeguards that meet or exceed industry standards, including encryption, pseudonymization, role‑based access controls, multi‑factor authentication, and continuous threat monitoring.
11. Cookies and Tracking Technologies
We use cookies, web beacons, and similar tools for site functionality, analytics, and marketing. Users can control cookie preferences via browser settings or our Cookie Management Tool.
12. Cross‑Border Compliance
This Policy incorporates global privacy principles such as lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, integrity, and accountability. These principles apply uniformly across all operations and subsidiaries.
13. Data Protection Officer and Contact
We maintain a designated Data Protection Officer ("DPO") to oversee compliance. Users may exercise their rights or submit complaints via:
Email: info@athenasbest.com
Phone: 207-947-1999
Address: PO Box 52, Detroit, ME 04929
14. Updates to This Policy
We may update this Policy to reflect legal, technical, or business developments. The latest version will always be available on our website, with a new 'Last Updated' date. Continued use of our Services constitutes acceptance of any modifications.