Privacy Policy

Last Updated: June 23, 2026

Introduction

This Privacy Policy describes how ClickFold Plastics (“we”, “us”, or “our”) collects, uses, and shares information about you when you use https://clickfold.com (the “Website”).

By using our Website, you agree to the collection and use of information in accordance with this policy. We respect your privacy and are committed to protecting your personal data.

Information We Collect

We collect the following types of information:

Personal Information: Name, email address, and other contact details you provide when you contact us.
Usage Data: IP address, browser type, device information, pages visited, time spent on pages, and other diagnostic data collected automatically.

How We Use Your Information

We use the information we collect for the following purposes:

To provide and maintain our Website.
To notify you about changes to our Website or services.
To provide customer support.
To detect, prevent, and address technical issues.
To communicate with you, including responding to your inquiries.
To analyze usage patterns and improve our Website.

Cookies and Tracking

We use cookies and similar tracking technologies to track activity on our Website and hold certain information.

Types of Cookies We Use:

Essential Cookies: Required for the Website to function properly. These cannot be disabled.
Preference Cookies: Remember your settings and preferences for a better experience.
Analytics Cookies: Help us understand how visitors interact with our Website. We use Google Analytics for this purpose.

We also use localStorage in your browser to save in-progress tasks and preferences. You can clear this in your browser settings.

Managing Cookies: You can instruct your browser to refuse all cookies or indicate when a cookie is being sent. However, some features of our Website may not function properly without cookies.

Information Sharing

We do not sell, trade, or rent your personal information to third parties.

We may share your information only in the following limited circumstances:

To comply with legal obligations.
To protect and defend our rights and property.
With your explicit consent.

We do not sell or share personal information for cross-context behavioral advertising.

Data Security

We implement appropriate technical and organizational security measures to protect your personal information, including:

Encryption of data in transit using SSL/TLS
Secure storage of personal data
Regular security assessments
Access controls and authentication measures

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security.

Data Retention Policy

We retain different categories of personal information for varying periods based on the purpose of collection, legal requirements, and legitimate business needs:

Retention Schedule:

Data Category	Retention Period	Justification
Account Information	Duration of account + 2 years	Service provision and legal claims
Transaction Records	7 years (legal requirement)	Tax and accounting requirements
Analytics Data	26 months	Service improvement
Marketing Data	Until consent withdrawn	Consent-based processing
Support Records	3 years after resolution	Quality assurance and dispute resolution

General Retention Policy: 2 years

Securely delete the information from our active systems.
Remove it from backups within 90 days.
Or anonymize the data so it can no longer identify you.
Comply with legal obligations.
Resolve disputes.
Enforce our agreements.
Protect against fraud or abuse.

Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:

Notify affected individuals within 72 hours of becoming aware of the breach.
Notify relevant supervisory authorities as required by applicable law (within 72 hours for GDPR).
Provide details about the nature of the breach, categories of data affected, and approximate number of individuals affected.
Describe the likely consequences of the breach.
Explain the measures taken or proposed to address the breach and mitigate potential adverse effects.

We maintain incident response procedures to ensure timely detection, investigation, and response to potential data breaches.

Do Not Track Disclosure

Do Not Track (“DNT”) is a privacy preference you can set in your browser. When you turn on DNT, your browser sends a signal to websites requesting that they do not track your browsing activity.

Currently, we do not respond to DNT signals. This is because there is no industry-standard interpretation of how to respond to DNT signals. We will update this policy if a standard is established.

Regardless of DNT settings, you can opt out of analytics tracking using the methods described in the Cookies section above.

Your Rights (GDPR)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights under the General Data Protection Regulation (GDPR):

Right to Access: Request copies of your personal data.
Right to Rectification: Request correction of inaccurate or incomplete data.
Right to Erasure: Request deletion of your personal data (“right to be forgotten”).
Right to Restrict Processing: Request limitation of processing of your data.
Right to Data Portability: Request transfer of your data to another organization.
Right to Object: Object to processing of your personal data.
Right to Withdraw Consent: Withdraw consent at any time where we rely on consent.

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days.

Legal Basis for Processing: We process your data based on the following legal grounds:

Processing Purpose	Legal Basis
Account Creation & Management	Necessary for contract performance (GDPR Art. 6(1)(b))
Analytics & Service Improvement	Our legitimate business interests (GDPR Art. 6(1)(f))
Marketing Communications	Your explicit consent (GDPR Art. 6(1)(a))
Payment Processing	Necessary for contract performance (GDPR Art. 6(1)(b))
Security & Fraud Prevention	Our legitimate business interests (GDPR Art. 6(1)(f))
Customer Support	Necessary for contract performance (GDPR Art. 6(1)(b))
Personalization	Your explicit consent (GDPR Art. 6(1)(a))

Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal data violates applicable law. You can find your local data protection authority at:
:contentReference[oaicite:0]{index=0}

Data Subject Request Procedure

We have established the following procedure for exercising your data protection rights:

How to Submit a Request:

Send an email to [email protected] with the subject line “Data Subject Request”.
Specify which right you wish to exercise (access, rectification, erasure, portability, etc.).
Provide sufficient information to verify your identity and locate your data, including:
- Your full name and contact details.
- The specific data or processing activity your request relates to.
- Any relevant account identifiers or reference numbers.

Identity Verification: To protect your privacy, we may need to verify your identity before processing your request. This may include requesting government-issued identification or other verification methods.

We will acknowledge your request within 72 hours.
We will respond substantively within 30 days of receipt.
Complex requests may require an extension of up to 60 additional days, in which case we will notify you.

Fees: We do not charge a fee for processing legitimate data subject requests. However, we reserve the right to charge a reasonable fee for manifestly unfounded or excessive requests.

Appeals: If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.

California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

Right to Know: Request categories and specific pieces of personal information we collected.
Right to Delete: Request deletion of your personal information (with legal exceptions).
Right to Correct: Request correction of inaccurate personal information.
Right to Opt-Out of Sale/Sharing: Opt out of sale or sharing for cross-context behavioral advertising.
Right to Non-Discrimination: We will not discriminate for exercising your rights.

We do not sell or share personal information for cross-context behavioral advertising.

We do not collect sensitive personal information as defined by CPRA.

How to Exercise Your Rights:

Submit a request to [email protected]. We will verify your identity and respond within 45 days.

Authorized Agents:

You may designate an authorized agent to make a request on your behalf. We will require proof of authorization.

Categories of Information We Collect:

Identifiers
Internet activity

Purposes for Collection:

Provide and maintain the Service
Analytics and service improvement
Security and fraud prevention
Customer support

Additional State Privacy Rights

STATE-SPECIFIC PRIVACY RIGHTS

We comply with the following state privacy laws: