*FREE SHIPPING
on Orders over $29.99
*FREE EXPRESS SHIPPING
on Orders over $129
EASY & FREE RETURNS
*Conditions Apply
Made in USA Made to Order Luxe Collection
Search
Made in USA Made to Order Luxe Collection
Menu
Search
Home
My Cart
Me

 INTRODUCTION

1.1 Overview of Gaiabay

Gaiabay is a business-to-consumer (B2C) online marketplace operated by UV Stacks Inc. It enables seamless cross-border trade, primarily connecting businesses based in India with consumers located in the United States. The platform provides a diverse range of products, including electronics, apparel, home goods, and personal care items, allowing customers to access high-quality goods directly from international sellers.

As a global e-commerce entity, Gaiabay prioritizes data privacy and security, ensuring that user information is handled responsibly and in compliance with international data protection standards. We recognize the importance of safeguarding personal information and are committed to maintaining transparency regarding data collection, storage, and usage.

1.2 Purpose of This Privacy Policy

This Privacy Policy outlines how Gaiabay collects, uses, shares, and protects user data. It serves to inform users about their rights and the measures Gaiabay has implemented to secure personal information while ensuring compliance with relevant laws and regulations.

Gaiabay adheres to the highest standards of data protection by following key legal frameworks, including but not limited to:

California Consumer Privacy Act (CCPA) – Governing the rights of California residents concerning their personal information, including the right to access, delete, and opt out of data sharing.

This policy applies to all users, including customers, business partners, and third-party service providers interacting with Gaiabay's website, applications, and services.

By using Gaiabay.com, users expressly consent to the collection, processing, and storage of their personal data as described in this Privacy Policy. If users do not agree with the terms set forth, they are advised to discontinue using the platform.

This Privacy Policy aims to provide clarity, transparency, and accessibility in understanding how Gaiabay handles personal data while respecting user privacy and complying with legal obligations.

 

II. DATA COLLECTION

2.1 Types of Data Collected

Gaiabay collects different types of data to provide a seamless shopping experience while ensuring compliance with legal and security requirements. The data collected falls into the following categories:

Personal Data:

  • Personal data refers to information that can directly or indirectly identify an individual.

  • Identity Information: Includes name, age, gender, and government-issued identification documents (if required for verification purposes).

  • Contact Information: Includes email address, phone number, shipping address, and billing address to facilitate communication, order processing, and delivery.

  • Financial Information: Payment details, including credit/debit card information, digital wallet details, and transaction history. Gaiabay does not store full payment details; instead, they are securely processed through third-party payment gateways that comply with industry standards such as PCI-DSS.

  • Usage Information: Details regarding browsing activity, search history, order history, shopping preferences, interactions with the platform, and customer service inquiries.

  • Technical Data: Includes IP address, browser type, operating system, device type, and unique device identifiers, which help improve user experience and security.

Sensitive Personal Data (With Explicit Consent):

Gaiabay only collects sensitive personal data when explicitly required for verification and security purposes. This includes:

  • Government-issued identification (e.g., Aadhaar, Social Security Number, Passport) to verify identity and prevent fraudulent transactions.

  • Payment and banking information required for processing refunds, withdrawals, and transactions.

Non-Personal Data:

  • Non-personal data includes information that does not directly identify an individual but is used to enhance platform performance and marketing efforts.

  • Aggregated or anonymized data collected for analytics, customer behavior trends, and marketing insights.

2.2 How We Collect Data

Gaiabay collects data through multiple channels to ensure seamless service and enhance user experience.

1. Direct Collection:

  • Users voluntarily provide information when they:

  • Create an account on the platform.

  • Complete or update their profile.

  • Place an order or complete a transaction.

  • Submit a query, complaint, or request through customer support.

  • Participate in surveys, contests, or promotional campaigns.

  • Submit product reviews or engage in community interactions.

2. Automated Collection:

Gaiabay utilizes automated technologies to gather data when users interact with the platform.

  • Cookies & Tracking Technologies: Cookies and similar tracking technologies collect session data, user preferences, and browsing behavior.

  • Analytics Tools: Gaiabay uses third-party analytics tools to track user engagement, session durations, and navigation patterns.

  • Log Files: System logs automatically capture technical data such as IP addresses, device types, and page response times.

3. Third-Party Sources:

Gaiabay partners with external services to enhance platform operations and improve user experience.

  • Payment Processors: Payment gateways securely process financial transactions and provide fraud detection insights.

  • Logistics Providers: Shipping partners provide tracking updates and delivery confirmations.

  • Social Media Integrations: If users link their accounts with social media platforms, basic profile information (such as name and profile picture) may be collected based on user permissions.

Gaiabay remains committed to transparency and data security, ensuring that collected data is processed in compliance with applicable privacy laws and used solely for the intended purposes outlined in this policy.

III. DATA USAGE & PURPOSES

Gaiabay utilizes the collected data to provide, enhance, and secure its services while ensuring compliance with applicable laws. The data usage operates through the following mechanisms:

1. Service Delivery

Data is essential for delivering a seamless shopping experience. The following processes ensure efficient order management and fulfillment:

  • Processing Orders: Personal and financial data is used to confirm orders, generate invoices, and facilitate payment transactions through secure third-party gateways.

  • Managing Accounts: Users' identity and contact information enable account authentication, login verification, and profile maintenance.

  • Fulfilling Transactions: Logistics partners use shipping and billing details to ensure smooth delivery, while order tracking data keeps users informed about the status of their purchases.

  • Customer Support: Users' previous interactions, order history, and communication logs help resolve queries and complaints efficiently.

2. Personalization

Gaiabay uses data analytics to tailor user experience and improve service recommendations:

  • Customized Product Recommendations: Browsing history, purchase trends, and user preferences are analyzed to display relevant product suggestions.

  • Enhanced User Interface: Technical data, such as device type and browsing behavior, optimizes the website and app interface for a seamless experience.

  • Preference-Based Notifications: Users receive personalized alerts on price drops, restocked items, and category-based promotions based on their interests.

3. Marketing (With Consent)

Gaiabay leverages data-driven insights for promotional activities, ensuring users receive relevant marketing content:

  • Promotional Emails & Newsletters: Users who opt-in receive periodic emails regarding new products, exclusive discounts, and seasonal campaigns.

  • Targeted Advertisements: Analytics tools help segment users based on demographics and behavior, ensuring advertisements are relevant to their interests.

  • Affiliate & Partner Promotions: Data may be used to introduce exclusive deals from partnered brands, subject to user preferences.

  • Social Media Engagement: With user consent, interactions with Gaiabay’s platform may be utilized for remarketing via third-party advertising platforms.

4. Compliance & Security

Gaiabay upholds strict data security measures to protect user information and ensure regulatory adherence. The following mechanisms are in place to ensure compliance and safeguard user data:

Fraud Detection & Prevention

  • Gaiabay employs AI-driven security mechanisms that analyze transactions in real-time to identify unusual patterns, reducing the risk of fraudulent activities.

  • Multi-layered fraud detection algorithms monitor user behavior, flagging suspicious logins, transactions, and unauthorized attempts.

  • Risk assessments are conducted regularly to enhance fraud prevention strategies and improve platform security.

Regulatory Compliance

  • Gaiabay strictly adheres to major data protection laws, including CCPA (California Consumer Privacy Act)

All user data is processed in accordance with the applicable legal frameworks governing data privacy and protection.

Users are informed of their rights and given access to manage their data per regulatory requirements.

Dispute Resolution

  • Gaiabay maintains detailed transaction logs to assist in resolving payment disputes, refund requests, and consumer complaints.

  • Users can raise disputes through a structured complaint resolution process, where stored data is used for verification.

  • Legal and arbitration support is provided when necessary, ensuring fair handling of complaints and claims.

Access Controls & Monitoring

  • All sensitive user data is stored in encrypted databases with state-of-the-art security measures.

  • Multi-factor authentication (MFA) and role-based access controls (RBAC) are in place to restrict access to sensitive data.

  • Regular security audits and penetration testing are conducted to identify vulnerabilities and enhance security protocols.

Gaiabay remains committed to transparency in data usage and continuously enhances its security infrastructure to safeguard user privacy.

IV. DATA SHARING & TRANSFERS

4.1 Third-Party Disclosures

Gaiabay may share user data with third parties in the following ways:

Service Providers

  • Payment processors (e.g., PayPal, Stripe) handle transaction processing securely.

  • Cloud storage providers ensure safe storage and backup of user data.

  • Analytics firms help track website performance and enhance user experience.

Business Partners

  • Vendors and sellers receive necessary transaction details for order fulfillment.

  • Logistics providers (e.g., shipping carriers) use address details to deliver products efficiently.

  • Advertising partners may receive anonymized data to improve marketing strategies.

Regulatory Authorities

  • Gaiabay may disclose data when required by law enforcement agencies, courts, or regulatory bodies in response to legal obligations.

  • Such disclosures occur only under strict legal oversight and necessary data protection safeguards.

4.2 Cross-Border Data Transfers

As an international marketplace, Gaiabay facilitates cross-border transactions, which may involve transferring data across different jurisdictions. To ensure legal and secure data transfers:

  • Standard Contractual Clauses (SCCs) are implemented to comply with international data protection laws.

  • Data is stored in secure global data centers with compliance to regional data privacy regulations.

  • Users are notified about cross-border data transfers and provided with the option to manage their data preferences.

V. USER RIGHTS & CHOICES

Gaiabay is committed to ensuring that users have full control over their personal data. Depending on the jurisdiction, users have various rights under applicable data protection laws. Below are the detailed rights and how they can be exercised.

5.1 Rights Under CCPA (For US Consumers)

Under the California Consumer Privacy Act (CCPA), California residents have specific rights regarding their personal data. These rights include:

  • Right to Access: Users can request detailed information about the personal data Gaiabay has collected, used, shared, or disclosed in the past 12 months. Users can also obtain a copy of their personal data in a portable format.

  • Right to Correction: Users can request corrections to any inaccurate or outdated personal information stored by Gaiabay.

  • Right to Deletion: Users can request that their personal data be deleted, subject to certain exceptions (e.g., compliance with legal obligations, fraud prevention, or transactional requirements).

  • Right to Opt-Out of Sale of Personal Data: Users can opt out of the sale or sharing of their personal data to third parties for targeted advertising or other commercial purposes.

  • Right to Non-Discrimination: Users who exercise their privacy rights under CCPA will not face discrimination in terms of service, pricing, or access to benefits.

How to Exercise CCPA Rights:

  • Users can submit requests via [Insert Online Form URL] or contact [Insert Contact Information].

  • Requests will be processed within 45 days of submission, with an option for an extension if required.

  • To verify identity, Gaiabay may request additional documentation or confirmation via a registered email address.

5.2 Exercising Your Rights

Users who wish to exercise their rights under CCPA, , or other applicable laws can follow these steps:

Submit a Request:

  • Users can request access, correction, deletion, or data portability via [Insert Request Portal].

  • Alternatively, users can email at support.gaiabay.com.

Identity Verification:

  • Users may be asked to verify their identity by providing relevant account details or identification documents.

  • For security reasons, Gaiabay does not disclose or modify data without proper authentication.

Response Timeframes:

  • CCPA requests will be processed within 45 days.

  • If an extension is required, users will be notified in advance.

Alternative Dispute Resolution:

  • Users who are dissatisfied with Gaiabay’s response may file a complaint with the data protection authority in their jurisdiction.

  • Gaiabay remains committed to user privacy and ensures that data rights are upheld in accordance with applicable regulations.

VI. DATA RETENTION & SECURITY

6.1 Retention Policy

Gaiabay follows a structured data retention policy to ensure that user information is stored only for as long as necessary to fulfill business, legal, and regulatory obligations. The retention policy operates as follows:

  • Active Retention Period: User data is retained while the account remains active and for the duration of ongoing transactions, customer service inquiries, or legal compliance needs.

  • Business & Legal Requirements: Certain data elements (e.g., transaction records, payment details, and legal agreements) are retained for periods mandated by tax laws, financial regulations, and legal statutes.

  • Anonymization & Deletion: Upon the expiration of the retention period, data is securely deleted or anonymized to prevent identification. Anonymized data may be used for analytics, trend analysis, and business insights without compromising user privacy.

  • User-Initiated Deletion Requests: Users can request deletion of their personal data, subject to legal and regulatory constraints, by contacting Gaiabay’s Privacy Officer at [Insert Contact Information].

Gaiabay ensures that retention practices align with global data protection laws, including CCPA.

6.2 Security Measures

Gaiabay implements robust security measures to protect user data from unauthorized access, breaches, and cyber threats. The platform employs the following security mechanisms:

1. Encryption & Secure Storage

  • All sensitive data (e.g., financial information, passwords, identity details) is encrypted using AES-256 encryption and stored securely on protected servers.

  • Secure Socket Layer (SSL/TLS) encryption is used for all data transmissions to prevent unauthorized interception.

  • Multi-layered encryption protocols ensure that user data remains confidential during storage and transmission.

2. Access Controls

  • Role-Based Access Control (RBAC) ensures that only authorized personnel have access to specific user data.

  • Multi-Factor Authentication (MFA) is required for internal system access to mitigate unauthorized data exposure.

  • Logging and monitoring mechanisms track all data access activities, allowing for real-time auditing and compliance verification.

3. Regular Security Audits & Monitoring

  • Penetration Testing & Vulnerability Scanning: Routine security tests are conducted to identify and address potential vulnerabilities.

  • Automated Intrusion Detection Systems (IDS): Real-time monitoring systems flag suspicious activities and mitigate security threats.

  • Incident Response Plan: In the event of a security breach, Gaiabay follows a structured incident response framework, including notification to affected users and regulatory authorities as required by law.

4. Compliance with Global Security Standards

Gaiabay adheres to industry security best practices, including compliance with ISO/IEC 27001, PCI-DSS, GDPR, CCPA, and DPDP 2023.

  • Data Backup & Disaster Recovery: Regular backups are maintained in geographically distributed secure locations to ensure business continuity in the event of a system failure.

  • User Awareness & Training: Employees and stakeholders undergo security training to prevent phishing, social engineering attacks, and unauthorized data sharing.

  • Gaiabay remains dedicated to continuously enhancing its security measures, ensuring that user data is protected from evolving cyber threats and vulnerabilities.

VII. COOKIES & TRACKING TECHNOLOGIES

Gaiabay utilizes cookies and other tracking technologies to enhance user experience, improve website performance, and enable targeted marketing. These technologies are used in the following ways:

7.1 Types of Cookies Used

Essential Cookies:

  • Required for website functionality, including user authentication and account management.

  • Enabling features such as shopping carts, secure logins, and payment processing.

Performance & Analytics Cookies:

  • Help track website traffic, user interactions, and performance metrics.

  • Used to optimize website speed, content delivery, and user experience based on behavioral insights.

Functional Cookies:

  • Store user preferences such as language, currency, and region settings.

  • Enable personalized features, such as saved shopping carts and tailored recommendations.

Advertising & Targeting Cookies:

  • Used to deliver relevant advertisements based on browsing behavior and preferences.

  • Enable third-party ad networks and social media platforms to show personalized ads.

7.2 How Cookies Are Used

  • Cookies are used to remember login credentials for seamless account access.

  • Analytics tools, such as Google Analytics, help track site performance and identify user engagement trends.

  • Retargeting ads are served based on past visits and browsing behavior.

  • Security and fraud prevention mechanisms rely on cookies to detect suspicious activities.

7.3 Managing Cookie Preferences

Users can control or disable cookies through their browser settings. However, disabling certain cookies may impact the functionality of the website. Options include:

  • Adjusting browser settings to refuse cookies or alert users when a cookie is being placed.

  • Managing preferences through Gaiabay’s cookie settings panel.

  • Opting out of interest-based advertising through industry-standard platforms such as the Network Advertising Initiative (NAI) or Digital Advertising Alliance (DAA).

Gaiabay is committed to transparency regarding cookie usage and ensures compliance with relevant data privacy regulations, including CCPA.

VIII. LEGAL COMPLIANCE & UPDATES

8.1 Compliance with Laws

Gaiabay strictly adheres to national and international data protection regulations to ensure compliance with the highest legal standards. The platform operates in accordance with the following:

California Consumer Privacy Act (CCPA) (US Consumers)

  • Provides California residents with rights to access, correct, delete, and opt-out of data selling or sharing.

  • Requires businesses to disclose data collection practices and honor user privacy preferences.

Children's Online Privacy Protection Act (COPPA) (US)

  • Prohibits collection of personal data from children under 13 without parental consent.

  • Implements safeguards to protect minors from data exploitation.

Payment Card Industry Data Security Standard (PCI-DSS)

  • Ensures that all payment transactions comply with security requirements to prevent fraud.

  • Mandates encryption and tokenization of financial data for secure transactions.

Compliance Monitoring & Audits

  • Gaiabay conducts regular internal audits and third-party assessments to ensure compliance with evolving legal standards.

  • Privacy Impact Assessments (PIA) are performed for new features to evaluate data security risks.

  • Continuous monitoring of regulatory changes ensures updates to privacy policies and practices as required by law.

  • Gaiabay remains committed to full transparency in legal compliance, prioritizing user rights and data protection.

8.2 Policy Updates

Gaiabay reserves the right to modify this Privacy Policy periodically to reflect changes in legal requirements, technological advancements, and business operations. Updates to the policy will be carried out as follows:

  • Notification of Changes: Users will be notified of significant changes via email, website banners, or in-app alerts.

  • Effective Date: All updates will have a clearly stated effective date, ensuring transparency in policy modifications.

  • User Review & Consent: Users may be required to review and accept significant policy changes before continuing to use Gaiabay’s services.

  • Archived Versions: Previous versions of the policy will be archived and made available for reference upon request.

  • Accessibility: The most current version of the Privacy Policy will always be accessible on Gaiabay.com, allowing users to stay informed about how their data is handled.

By continuing to use Gaiabay’s services after policy updates, users acknowledge and agree to the revised terms. Gaiabay encourages users to periodically review this policy to stay informed about data protection practices and their rights.

IX. CONTACT INFORMATION

For any questions, requests, or concerns regarding this Privacy Policy or data handling practices, users may contact Gaiabay’s Privacy Officer through the following channels:

  • Email: support@gaiabay.com – For general inquiries, data requests, and privacy-related concerns.

  • Mailing Address: 2189 S m Grand Ave, Santa Ana - 92705 – For formal written correspondence or requests.

Response & Processing Time

Gaiabay aims to respond to all privacy-related inquiries within 30 days from the date of receipt. However, complex requests or legal compliance issues may require additional processing time. Users will be notified of any expected delays.

Alternative Escalation Channels

If users are dissatisfied with the response received, they may escalate their concerns to the relevant Data Protection Authority (DPA) based on their jurisdiction.

Gaiabay remains committed to addressing all user concerns efficiently while maintaining full compliance with applicable privacy regulations.