Privacy Policy

1. Introduction

Channeled Letter (Channeled Letter) is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our channeled letter services. We handle your data in accordance with the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act as amended by the CPRA (CCPA/CPRA), and other applicable laws.

2. Information We Collect

We collect the following information when you use our services:

2.1. Information You Provide

• Full name
• Email address
• Phone number (WhatsApp)
• Information about the deceased loved one (name, relationship, date of passing, etc.)
• Answers to the personalized questionnaire
• Messages and questions you wish to address to the deceased loved one

2.2. Payment Information

• Transaction data (processed by a secure payment gateway, such as Stripe)
• We do not store full credit card details
• Local payment-method information (where applicable)

2.3. Technical Information

• IP address
• Browser and device type
• Pages visited and time spent browsing
• Cookies and similar technologies

3. How We Use Your Information

We use your information for the following purposes, each supported by a valid legal basis (performance of a contract, legal obligation, legitimate interest, or your consent):

• Process and deliver your channeled letter order (performance of a contract)
• Communicate the status of your order via WhatsApp or email
• Process payments and prevent fraud (legitimate interest and legal obligation)
• Improve our services and user experience
• Send important service updates
• Answer questions and provide customer support
• Comply with legal and regulatory obligations
• Send marketing communications (only with your prior consent, which you can withdraw at any time)

4. Sharing of Information

We do not sell or rent your personal information, and we do not “sell” or “share” it as those terms are defined under the CCPA/CPRA. We only share data with third parties in the following situations:

• Service providers (processors): we share data with payment processors (such as Stripe), communication services (WhatsApp Business API, email services), and hosting providers, all bound by data processing agreements.
• Legal obligations: when required by law, court order, or a competent authority.
• Protection of rights: to protect our rights, property, safety, or those of third parties.
• Mediums: necessary information is shared with our mediums to produce the letter, always confidentially and securely.

5. Protection of Sensitive Data

We recognize that information about deceased loved ones and spiritual matters is highly sensitive and personal in nature. Therefore:

• All data is encrypted in transit and at rest
• Access is restricted to authorized staff and mediums
• We do not share the content of letters with third parties
• We apply strict security measures
• We train our team on confidentiality and ethics

6. Data Storage and Retention

We retain your information only for as long as necessary to:

• Fulfill the purpose for which it was collected
• Meet applicable legal, accounting, and tax requirements
• Resolve disputes and enforce our agreements

After that period, data is anonymized or securely deleted.

7. Your Rights (GDPR & CCPA/CPRA)

Depending on where you live, you have the following rights over your personal data:

• Access / Know: request information about the data we hold about you and how we use it.
• Correction: request correction of incomplete, inaccurate, or outdated data.
• Deletion: request deletion of your personal data, subject to legal obligations.
• Portability: request a copy of your data in a structured, commonly used format.
• Withdraw consent / Opt out: withdraw your consent at any time and opt out of the sale or sharing of personal information (we do not sell or share it).
• Object / Limit use: object to or restrict certain processing, including the use of sensitive personal information.
• Non-discrimination & complaint: exercise your rights without discriminatory treatment, and lodge a complaint with your data protection authority (e.g., your EU supervisory authority or the California Attorney General).

To exercise these rights, contact us through the channels available on the site. We will respond within the timeframes required by law.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Improve site functionality
• Analyze site usage and trends
• Personalize your experience
• Remember your preferences

We request your consent for non-essential cookies and honor opt-out preference signals where required. You can manage cookies at any time through your browser settings or our cookie preferences panel.

9. Information Security

We implement technical and organizational measures to protect your data:

• SSL/TLS encryption for data transmission
• Encrypted storage of sensitive data
• Role-based access control
• Continuous security monitoring
• Regular and secure backups
• Periodic security audits

10. Children's Privacy

Our services are intended for people aged 18 and over. We do not knowingly collect information from minors. If we learn that we have collected data from a minor without the consent of a parent or guardian, we will take steps to delete that information.

11. International Data Transfers

Your data may be transferred to and processed on servers located outside your country or region (primarily cloud services and payment processors). When this happens, we ensure appropriate safeguards in line with the GDPR, such as adequacy decisions or the European Commission's Standard Contractual Clauses.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes through the site or by email. The date of the most recent update will always appear at the top of this page.

13. Data Controller and Privacy Contact

For matters relating to data protection and the exercise of your rights, contact our privacy contact through the channels available on the site cartapsicografada.com.

14. Contact

For questions, requests, or complaints relating to this Privacy Policy, contact us via WhatsApp or email, available on the site cartapsicografada.com.