Privacy Policy

Overview

This Privacy Policy explains how GHI Solutions (“we,” “us,” “our”) collects, uses, and protects the personal information you provide when accessing our website, mobile applications, and related services (collectively, the “Services”). By using the Services, you agree to the data practices described herein. This Policy applies only to information we collect directly and does not cover third-party practices. We may amend this Policy from time to time; the “Effective Date” will reflect the latest revision.

Categories of Data Collected

We collect personal data you voluntarily submit, including identifiers (name, email), transactional details (order history, billing info), and preference data (communication settings, interests). Additionally, we gather technical data automatically, such as IP addresses, device type, browser version, and pages viewed. Cookies and tracking technologies facilitate site functionality, personalization, and analytics. We explicitly do not collect sensitive data categories, such as health or biometric information.

Purpose of Processing

Personal data is used to fulfill orders, process payments, and deliver requested products or services. We also employ data to provide customer support, send transactional notifications, and manage your account. With your consent, we may send marketing communications about promotions, new offerings, or events. Aggregated, anonymized data enables website optimization, performance monitoring, and trend analysis.

Legal Basis for Data Use

Where required by applicable law, we process personal data under these grounds: your consent, contractual necessity, legitimate interests, and legal compliance. Consent covers marketing messages you opt into. Contractual necessity relates to order fulfillment and service delivery. Legitimate interests include fraud prevention, system security, and internal analytics. We comply with legal obligations for record-keeping and regulatory reporting.

Third-Party Sharing

We share personal data only with third-party service providers who assist in payment processing, shipping, hosting, and analytics. Each provider is contractually bound to maintain data confidentiality and use it solely for agreed purposes. In a corporate transaction—such as a sale or merger—your data may transfer to a successor entity under comparable privacy protections. We may also disclose data when required by law enforcement or court order.

International Transfers

Your personal data may be transferred to and stored in countries outside your jurisdiction, including the United States and other regions. We implement appropriate safeguards—such as standard contractual clauses—to protect data during international transfers. By using the Services, you consent to cross-border data transfers as described herein. Local laws in recipient jurisdictions may require disclosure to governmental authorities.

Data Retention

We retain personal data only for as long as necessary to achieve the purposes set forth in this Policy or to comply with legal requirements. Transactional records and billing details are typically retained for seven years for tax and audit purposes. Upon account deletion, we will remove personal data from active systems, except where retention is mandatory. Anonymized analytics data may be stored indefinitely.

Security Measures

We deploy technical, administrative, and physical safeguards to protect personal data against unauthorized access, alteration, or destruction. Security measures include TLS encryption for data in transit, secure key management, role-based access controls, and regular vulnerability assessments. Access to personal data is restricted to personnel requiring it for legitimate business purposes. While we strive for robust security, no measure can guarantee absolute protection.

Cookies and Similar Technologies

We use cookies, web beacons, and local storage to recognize you on return visits, maintain session state, and personalize content. First-party cookies handle essential functionality, while third-party cookies (e.g., analytics and advertising partners) collect aggregate usage data. You can manage cookie preferences in your browser settings or through our cookie-preference center. Disabling non-essential cookies may impair certain features.

Children’s Privacy

Our Services are not intended for users under the age of 16. We do not knowingly collect or solicit personal data from children. If we learn that we have inadvertently collected personal data from a minor without parental consent, we will promptly delete that information. Parents or guardians who believe their child’s data has been collected may contact us to request removal.

User Rights

Subject to applicable law, you may have the right to access, rectify, erase, restrict, or port your personal data. You also can object to certain processing activities or withdraw marketing consent at any time. To exercise these rights, visit your account dashboard or submit a request through our privacy portal. We aim to respond within 30 days of receiving a valid request, unless a different timeframe applies under local law.

Policy Updates

We may update this Policy to reflect changes in our data practices, regulatory requirements, or business operations. Material changes will be communicated via a prominent notice on our homepage or within the Services. Continued use of the Services after notice constitutes acceptance of the revised Policy. Non-material updates will be reflected by updating the “Effective Date” only.

Contact and Complaints

If you have questions or concerns about this Policy or our data practices, you may submit an inquiry through our in-site help center or privacy portal. We will review and address your queries in accordance with applicable law. Should you remain dissatisfied, you have the right to lodge a complaint with a supervisory authority in your jurisdiction. We encourage you to contact us first so we can resolve issues directly.