1. Data Controller & Contact

Data Protection Officer (DPO)
Email: dpo@intersecthome.com
Phone: 1-669-786-1304

2. Data Collected & Legal Basis

A. Directly Collected Data

CategoryPurposeLegal BasisRetention Period
Name, Address, PhoneOrder FulfillmentContractual Necessity7 Years (IRS compliance)
Payment Data (Airwallex)Transaction ProcessingPCI-DSS Compliance12 Months (Fraud Audit)
Account PasswordUser AuthenticationLegitimate InterestUntil Deletion Request

B. Automatically Collected Data

  • Cookies: Session, analytics, advertising

C. Third-Party Sources

  • Credit Checks: Soft pulls via Experian for orders over $5,000
  • Social Media Data: Facebook Pixel for custom audience targeting

3. Data Usage & Machine Learning

A. Core Functions

  • Order processing
  • Fraud detection (via Signifyd)
  • Warranty and return management

B. Advanced Analytics

  • Predictive Inventory: Uses anonymized purchase data

C. Marketing

  • Lookalike Audiences: Built using Google Analytics 4 & Meta CAPI
  • Abandoned Cart Flows: Retargeting emails (opt-out via “Unsubscribe” link)

4. Data Sharing & Subprocessors

A. Legally Required Sharing

  • Tax Reporting: Shared with California CDTFA
  • Law Enforcement: Only upon valid subpoena

B. Third-Party Subprocessors

VendorServiceData TypeCertifications
AirwallexPaymentsCard DetailsPCI-DSS Level 1
ShipStationShippingAddress, PhoneSOC 2
HostingerHostingAll DataISO 27001
ZendeskSupport TicketsEmail, Order HistoryHIPAA

C. International Transfers

  • EU → US: Protected under the Data Privacy Framework

5. User Rights & Automated Tools

A. CCPA (California Residents)

B. GDPR (EU/UK Residents)

C. Automated Tools

  • Cookie Consent: Full control via Cookiebot
  • Universal Opt-Out: Supports Global Privacy Control (GPC) signals

6. Security & Breach Protocols

A. Technical Safeguards

  • Encryption: AES-256 (data at rest), TLS 1.3 (in transit)
  • Security Audits: Quarterly penetration tests via HackerOne

B. Breach Response

  • Notification: Within 72 hours per CA SB-327
  • Remedy: 12 months of IdentityForce credit monitoring for affected users

7. Children’s Privacy (COPPA)

  • Strict Age Gate: Users under 13 blocked via AgeChecker API
  • No Retention: Underage signup attempts are purged instantly
  • We immediately delete all data associated with underage signup attempts, including IP addresses and device identifiers

8. Policy Updates

  • Users notified via email 30 days prior to changes
  • We notify users of material changes via email and in-account banners 30 days prior to implementation.

Contact & Dispute Resolution

Privacy Queries
Email: privacy@intersecthome.com
Phone: 1-669-786-1304 (Mon–Fri, 10 AM–9 PM PST)
Mail: Attn: DPO, 681 Leavesley Rd, STE 98, Gilroy, CA 95020

Disputes:
Handled via JAMS Arbitration under AAA Rules

Note: No class actions permitted.