Privacy Policy

Privacy Policy for MalibuPreciousMetals.com

Last Updated: February 9, 2025

This Privacy Policy describes how The Malibu Company (“we”, “us”, “our”) collects, uses, stores, and protects the personal information of visitors and users of our website, www.malibupreciousmetals.com (“Website”). We are committed to protecting your privacy and ensuring that your personal data is handled in a secure and transparent manner in accordance with the General Data Protection Regulation (GDPR) and applicable data protection laws.

1. Information We Collect

We collect personal information in the following ways:

  • Personal Identification Information: When you make a purchase, sign up for newsletters, or contact us through the Website, we may collect personal information such as your name, email address, phone number, physical address, and payment details.
  •  Technical Data: We may collect technical data such as your IP address, browser type, operating system, and browsing behavior on the Website through the use of cookies and similar technologies.
  • Usage Data: We may collect information about how you use the Website, including the pages you visit, the time you spend on the site, and the links you interact with.
2. How We Use Your Information

We use your personal data for the following purposes:

  • To Process Transactions: To complete and fulfill your orders, including sending order confirmations, invoices, and shipping details.
  •  Customer Support: To respond to your inquiries, provide customer support, and manage your account.
  •  Marketing and Communications: To send you promotional emails, newsletters, or updates about our products and services (you may opt-out of these communications at any time).
  • Legal and Regulatory Compliance: To comply with our legal obligations, resolve disputes, and enforce our agreements.
  • Website Improvement: To improve the functionality, user experience, and performance of our Website.
3. How We Share Your Information

We may share your personal data with trusted third-party service providers to facilitate our services, including:

  • Payment Processors: To process payment transactions.
  • Shipping Companies: To ship orders to your provided address.
  • Marketing Platforms: To send you promotional emails and newsletters (with your consent).
  •  Legal and Regulatory Authorities: If required by law, or if we believe such action is necessary to comply with a legal obligation, protect our rights, or defend against legal claims.

We will never sell, rent, or lease your personal information to third parties for marketing purposes without your explicit consent.

4. Data Storage and Security

We implement reasonable technical and organizational measures to protect your personal data from unauthorized access, loss, alteration, or disclosure. These measures include encryption, firewalls, and secure servers.

However, please be aware that no method of data transmission over the internet is 100% secure. While we strive to protect your information, we cannot guarantee the security of any data you transmit to us, and you do so at your own risk.

5. Your Rights Under GDPR

Under the GDPR, you have the following rights regarding your personal data:

  •  Right to Access: You have the right to request a copy of the personal data we hold about you.
  • Right to Rectification: You have the right to request corrections or updates to inaccurate or incomplete personal data.
  •  Right to Erasure: You have the right to request that we delete your personal data, subject to certain exceptions.
  • Right to Restriction of Processing: You have the right to request that we limit the processing of your personal data.
  •  Right to Data Portability: You have the right to request that we transfer your personal data to another service provider in a structured, commonly used, and machine-readable format.
  •  Right to Object: You have the right to object to the processing of your personal data, including for marketing purposes.
  • Right to Withdraw Consent: If we rely on your consent to process your personal data, you have the right to withdraw your consent at any time.

To exercise any of these rights, please contact us at cameron@malibupreciousmetals.com or write to us at our physical address:

 

HEAT HOLDINGS CORP.

8950 SW 74th CT, STE 1606

Miami, FL 33156

 

We will respond to your request within the timeframes established by law.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our Website, analyze usage patterns, and provide personalized content. Cookies are small files stored on your device that enable us to remember your preferences and actions. You may manage your cookie preferences through your browser settings, but please note that disabling cookies may affect the functionality of the Website.

For more detailed information about the cookies we use, please refer to our [Cookie Policy].

7. International Data Transfers

Your personal data may be transferred to and stored on servers located outside of your country of residence. If you are located in the European Economic Area (EEA), please be aware that such transfers may involve countries that do not have the same data protection laws as your home country. However, we ensure that adequate safeguards are in place to protect your personal data in compliance with applicable data protection laws.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

9. Third-Party Websites

Our Website may contain links to third-party websites or services. This Privacy Policy does not apply to these third-party sites, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party websites you visit.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational, legal, or regulatory reasons. Any updates will be posted on this page with the updated “Last Updated” date. Please review this Privacy Policy periodically to stay informed about how we are protecting your personal data.

11. Contact Us

If you have any questions or concerns about this Privacy Policy or how we handle your personal data, please contact us at:

Email: cameron@malibupreciousmetals.com

Mailing Address:

HEAT HOLDINGS CORP.

8950 SW 74th CT, STE 1606

Miami, FL 33156

By using our Website, you consent to the terms of this Privacy Policy.

12. Childrens Privacy

Our Website is not intended for individuals under the age of 16, and we do not knowingly collect or process personal data from children. If we become aware that we have inadvertently collected personal data from a child under the age of 16, we will take steps to delete that information as soon as possible. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at cameron@malibupreciousmetals.com, and we will take the necessary action to delete such data.

13. Legal Basis for Processing Personal Data (for EEA Users)

If you are a resident of the European Economic Area (EEA), we process your personal data based on one or more of the following legal grounds:

  • Consent: We may process your personal data based on your explicit consent (for example, when you subscribe to our newsletter or provide us with your contact information).
  • Contractual Necessity: We process your personal data as necessary to perform a contract or take steps to enter into a contract with you (for example, to process your order and deliver our products).
  •  Legal Obligation: We may process your data to comply with our legal obligations (for example, tax or accounting requirements).
  • Legitimate Interests: We may process your personal data to pursue legitimate interests, provided that such processing does not outweigh your rights and freedoms. These legitimate interests may include improving our Website, sending marketing communications, and maintaining the security of our services.
14. Marketing Communications

By subscribing to our email list, creating an account, or making a purchase, you may receive marketing communications from us. You can opt out of these communications at any time by clicking the unsubscribe link at the bottom of any email or by contacting us directly at cameron@malibupreciousmetals.com.

We respect your right to privacy, and you have the ability to stop receiving marketing communications at any time without any negative impact on your access to our services.

15. Compliance with the California Consumer Privacy Act (CCPA)

If you are a resident of California, you may have additional rights under the California Consumer Privacy Act (CCPA), including:

  • Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you in the past 12 months.
  • Right to Delete: You can request that we delete your personal information, subject to certain exceptions.
  • Right to Opt-Out: You can opt out of the sale of your personal information, although we do not sell personal information to third parties.
  • Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To exercise any of these rights, please contact us at cameron@malibupreciousmetals.com. We will respond to your request in accordance with CCPA requirements.

16. Governing Law and Dispute Resolution

This Privacy Policy shall be governed by and construed in accordance with the laws of the State of Florida, USA, without regard to its conflict of law principles. If you have any concerns or complaints regarding the processing of your personal data, you may contact us as outlined above. If you are not satisfied with our response, you may have the right to lodge a complaint with the relevant supervisory authority in your jurisdiction.

17. Consent

By using our Website, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy. If you do not agree with the terms outlined in this policy, we ask that you do not use our Website. Your continued use of the Website will be considered your consent to the terms of this Privacy Policy.

18. Automated Decision-Making and Profiling

We do not engage in automated decision-making or profiling that significantly affects you, such as decisions based solely on automated processing, including profiling, that would have a legal or similarly significant effect on you.

If we ever introduce such processes in the future, we will notify you and ensure that your rights under applicable data protection laws are respected.

19. International Transfers of Personal Data

As part of our business operations, your personal data may be transferred to and stored in countries outside the European Economic Area (EEA) and outside the country where you reside. In some cases, this may involve transfers to countries that do not have the same level of data protection laws as those in the EEA or your home country.

When transferring your personal data internationally, we ensure that appropriate safeguards are in place to protect your data in accordance with applicable data protection laws, including the use of European Commission-approved standard contractual clauses, where necessary.

20. How to Contact Us

If you have any questions, concerns, or requests regarding your personal data or this Privacy Policy, please do not hesitate to contact us:

Email: cameron@malibupreciousmetals.com

Mailing Address:

HEAT HOLDINGS CORP.

8950 SW 74th CT, STE 1606

Miami, FL 33156

We are committed to ensuring that your privacy is respected, and we will respond to all inquiries in a timely and transparent manner.

21. Change to this privacy policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or other operational or regulatory needs. When we make significant updates, we will notify you by posting a notice on our Website or by sending you an email (if we have your contact information). The revised Privacy Policy will be effective as of the last update date listed at the top of the document. Please review this Privacy Policy periodically to stay informed about how we are protecting your personal data.

22. Data Protection Officer (DPO)

If required by applicable law or in the event we designate a Data Protection Officer (DPO), the DPO will be responsible for overseeing the implementation of data protection policies and ensuring compliance with relevant data protection laws.

At this time, The Malibu Company does not have a designated Data Protection Officer. However, for any privacy-related inquiries or concerns, please feel free to reach out to us directly at cameron@malibupreciousmetals.com.

23. Monitoring and Analytics

We may use third-party analytics tools (such as Google Analytics) to collect and analyze information about how you interact with our Website. These tools help us understand trends, measure the effectiveness of our Website, and improve your user experience. These services may collect data such as your IP address, browser type, and usage patterns on the Website. The information collected is used in aggregate form and does not personally identify you.

To learn more about Google Analytics and how it collects and processes data, visit Google’s Privacy Policy. You can also opt-out of Google Analytics tracking by using the Google Analytics Opt-Out Browser Add-On.

24. Security of Payments and Financial Information

We take the security of your payment and financial information seriously. Our payment processors utilize industry-standard encryption technology to protect your personal and financial data during transactions. We do not store full payment information (such as credit card numbers) on our servers. For added security, we rely on trusted third-party payment processors who comply with relevant regulations, including the Payment Card Industry Data Security Standard (PCI DSS).

However, please note that while we take reasonable precautions to safeguard your information, no online transaction system can be completely secure. By submitting your personal and financial information, you acknowledge and accept the inherent risks associated with transmitting data over the internet.

25. Consent to Data Collection and Processing

By using the Website and providing us with your personal information, you consent to the collection, use, storage, and processing of your data as outlined in this Privacy Policy. If you do not agree with any of the terms of this Privacy Policy, please refrain from using our Website and providing us with your data.

26. Email Communications and Opt-Out

You have the right to opt out of receiving email communications from us at any time. If you no longer wish to receive promotional or marketing emails from us, simply click on the “unsubscribe” link at the bottom of any email you receive from us or contact us directly at cameron@malibupreciousmetals.com.

Opting out of email communications will not affect your ability to receive transactional emails, such as order confirmations or account-related notices, which are essential to completing your transactions with us.

27. Accessing, Updating, and Deleting Your Personal Data

You may access, update, or request the deletion of your personal data at any time. To do so, you can:

  • Contact us directly at cameron@malibupreciousmetals.com to request a copy of your data or request updates.
  •  You can also ask us to delete or correct your personal data if you believe it is incorrect or no longer necessary for the purposes for which it was collected.

We will respond to all requests in accordance with applicable data protection laws. Please note that in certain circumstances, we may be required to retain certain personal data for legal or operational reasons, even if you request deletion.

28. Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred as part of the transaction. We will take appropriate steps to ensure that your data is treated with the same level of privacy protection in such cases.

29. Notice for EU and EEA Users

For users located within the European Union (EU) or the European Economic Area (EEA), please be aware that The Malibu Company complies with the General Data Protection Regulation (GDPR). This regulation provides additional protections for your personal data, and you have specific rights with respect to how your data is collected, processed, and stored.

If you wish to lodge a complaint or if you believe we are not processing your data in accordance with the GDPR, you have the right to file a complaint with the relevant supervisory authority in your country.

30. Links to Third-Party Websites

Our Website may contain links to external websites that are not operated or controlled by us. This Privacy Policy only applies to the personal data we collect through our Website. We are not responsible for the privacy practices or content of external websites. We recommend that you read the privacy policies of any third-party websites you visit.

31. Third-Party Service Providers

We may engage third-party service providers who assist in providing certain aspects of our services, such as hosting, payment processing, and customer support. These providers may have access to your personal data solely for the purpose of assisting us with these services, and they are obligated to safeguard your data in accordance with relevant privacy laws.

We ensure that all third-party service providers are compliant with data protection laws and that appropriate data protection agreements are in place to safeguard your privacy.

Conclusion

At The Malibu Company, we prioritize the privacy and security of your personal data. By using our Website, you acknowledge and consent to the collection, use, and processing of your personal information in accordance with this Privacy Policy. If you have any questions or concerns, please feel free to reach out to us directly.

Thank you for trusting MalibuPreciousMetals.com for your precious metals investment needs.

32. Data Integrity and Accuracy

We strive to ensure that the personal data we collect is accurate, complete, and up to date for the purposes for which it is used. It is important that you provide us with accurate and up-to-date information when interacting with our Website, such as when placing an order or registering for an account. If you believe any of the information we hold about you is inaccurate or incomplete, please contact us, and we will take the necessary steps to rectify it.

33. Retention of Personal Data

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, including to meet legal, accounting, or reporting requirements. The criteria used to determine the retention period include:

  • The length of time we need to retain the data to provide you with the services you have requested.
  •  The period required to comply with legal obligations (e.g., tax laws or compliance regulations).
  • Whether you have consented to longer retention periods, such as for marketing purposes.
  •  The existence of any ongoing business relationships, contracts, or disputes.

Once your personal data is no longer necessary for the purposes stated above, it will be securely deleted or anonymized.

34. Data Subject Requests

As part of our commitment to respecting your privacy, we comply with your rights under applicable data protection laws. You may exercise the following rights regarding your personal data:

  • Right to Access: Request a copy of your personal data that we process.
  • Right to Rectification: Request correction of inaccurate or incomplete personal data.
  • Right to Erasure (Right to be Forgotten): Request that we delete your personal data in specific circumstances, such as when it is no longer necessary for the purposes for which it was collected.
  • Right to Restriction of Processing: Request that we limit the processing of your personal data in certain situations.
  • Right to Data Portability: Request that we transfer your personal data to another service provider in a structured, commonly used, and machine-readable format.
  •  Right to Object: Object to processing of your personal data, especially for direct marketing purposes.

To exercise any of these rights, please contact us using the contact details provided in Section 30 of this Privacy Policy. We aim to respond to such requests within the required timeframes under applicable law.

35. Withdrawal of Consent

In cases where our processing of your personal data is based on your consent (such as for marketing purposes), you have the right to withdraw your consent at any time. You can withdraw consent by contacting us or using the “unsubscribe” link in marketing emails. Please note that withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal.

36. Contacting the Supervisory Authority

If you are not satisfied with how we handle your personal data, or if you believe that we are processing your data unlawfully, you have the right to lodge a complaint with the relevant data protection authority. For users in the European Union (EU), the supervisory authority is typically located in your country of residence.

You can find contact details for the relevant authority in your jurisdiction on the official EU website: European Data Protection Board (EDPB).

37. Use of Social Media and Third-Party Integrations

Our Website may allow you to connect with social media accounts or other third-party services (e.g., Facebook, Twitter, Google). These third-party services may collect your personal data according to their privacy policies. We encourage you to review the privacy policies of any third-party services you interact with to understand how your data is being processed.

Please note that we are not responsible for the privacy practices of these external services.

38. Changes to this Privacy Policy

We may periodically update this Privacy Policy to reflect changes in our practices, legal obligations, or the nature of our services. We will notify you of any material changes by posting a prominent notice on our Website or by sending you an email (if we have your contact information). All updates will be effective immediately upon posting the revised Privacy Policy on our Website, unless stated otherwise.

It is important that you review this Privacy Policy periodically to stay informed about how we are protecting your personal data.

39. Final Provisions

This Privacy Policy is part of our ongoing commitment to user privacy and data protection. We endeavor to ensure that our practices align with the highest standards of privacy and security to create a safe environment for all our users.

By using our Website, you agree to the collection, use, and processing of your personal data in accordance with this Privacy Policy. If you disagree with the terms of this Privacy Policy, we kindly ask that you do not use our Website.

40. Security Measures

We take the security of your personal data seriously and employ reasonable technical and organizational measures to protect it from unauthorized access, loss, misuse, alteration, and destruction. These security measures include, but are not limited to:

  •  Encryption: We use encryption technologies to protect your data during transmission, including when making payments or submitting sensitive information.
  • Access Control: Only authorized personnel who need to process your personal data to provide services or meet legal obligations have access to it. We implement strict access control policies to minimize the risk of unauthorized access.
  •  Regular Security Audits: We regularly monitor and audit our systems for vulnerabilities to ensure that our security measures are up-to-date and effective.
  •  Secure Storage: Personal data is stored securely using industry-standard protection methods, including firewalls and data encryption at rest.
  •  Incident Response: We have a protocol in place to respond to any data breaches or security incidents. If we become aware of any data breach that affects your personal data, we will notify you in accordance with applicable laws, including GDPR requirements for notification within 72 hours.

While we strive to maintain a secure environment, no system or transmission method can be guaranteed to be 100% secure. You acknowledge and accept the risks associated with online activities.

41. Data Minimization

We are committed to collecting only the personal data that is necessary to provide our services to you. We will ensure that we do not collect excessive amounts of personal data and that the data we do collect is relevant and adequate for the purposes for which it is intended.

42. Your Responsibilities

In addition to the protections we implement for your personal data, we encourage you to take steps to safeguard your data as well. You are responsible for:

  • Keeping your account login credentials (such as passwords) confidential and using strong, secure passwords.
  •  Not sharing sensitive personal information over unsecured channels or through public platforms.
  •  Promptly notifying us of any unauthorized use of your account or data.

We will work with you to resolve any security concerns you may have in a timely manner.

43. Consent for Sensitive Data

We do not collect or process sensitive data unless necessary. Sensitive data includes information such as racial or ethnic origin, political opinions, religious beliefs, health information, or union membership. We will only collect such information with your explicit consent, or if necessary for the fulfillment of contractual obligations or legal requirements. If we request sensitive data, we will ensure you are aware of why we need it and obtain explicit consent before processing.

44. Cross-Border Data Transfers

As part of our services, your personal data may be transferred to and processed in countries outside the jurisdiction where you reside, including the United States, where our main servers are located. When we transfer your personal data internationally, we will take appropriate steps to ensure that the data is protected, including:

  • Using contracts that include appropriate data protection clauses.
  •  Relying on mechanisms such as Standard Contractual Clauses or Privacy Shield Frameworks (where applicable) to ensure that your data remains protected in accordance with the applicable data protection laws.

By using our Website and submitting your personal data, you consent to these cross-border transfers.

45. Data Protection Impact Assessment (DPIA)

If we introduce new data processing activities that may significantly affect the privacy of individuals (e.g., large-scale data collection or new technologies), we will conduct a Data Protection Impact Assessment (DPIA). A DPIA is an assessment of the potential risks to the privacy and rights of individuals and the measures we take to mitigate those risks.

46. Third-Party Services and Providers

While we may engage third-party services to support our business operations, we are committed to ensuring that these parties also comply with relevant data protection laws. Our third-party service providers are required to adhere to strict privacy and security requirements, and we may only share your personal data with them for purposes directly related to providing our services to you, such as:

  • Payment processors (to complete transactions securely).
  • Customer service providers (for support or order fulfillment).
  •  Marketing service providers (for sending promotional content if you have consented).

If we share your data with a third-party provider, we will do so in compliance with applicable data protection laws and ensure that they handle your data securely.

47. Legal Requirements and Compliance

We may disclose your personal data if required by law or in response to lawful requests by public authorities, such as to comply with a subpoena or similar legal process. Additionally, we may disclose your data to enforce our terms of service, protect our rights, or protect the safety of our users or the public.

We will also cooperate with law enforcement authorities if necessary to investigate illegal activities, fraud, or other violations of applicable laws.

48. Complaints and Dispute Resolution

If you believe that we have not complied with our obligations regarding your personal data, we encourage you to contact us first to resolve the issue. We are committed to addressing your concerns and will make every effort to resolve any issues you may have regarding our privacy practices.

If we cannot resolve the issue to your satisfaction, you may have the right to lodge a complaint with a relevant data protection authority (such as the Information Commissioner’s Office in the UK or the Federal Trade Commission in the US). Please note that different jurisdictions may have different regulatory bodies to handle privacy complaints.

49. Effective Date and Review

This Privacy Policy is effective as of February 9, 2025. We will review and update this policy periodically to ensure that it remains compliant with applicable laws and reflects our data protection practices accurately. We will notify you of any significant changes to this policy, either by posting an updated version on our Website or via email.