Privacy Policy for MigraineMind Effective Date: August 21, 2025 Last Updated: August 21, 2025 Introduction MigraineMind ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at www.migrainemind.com (the "Site"). Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the site. Information We Collect Automatically Collected Information When you visit our Site, we automatically collect certain limited information about your device and browsing activity, including: • Device Information: Browser type and version, operating system, device type, screen resolution • Usage Information: Pages visited, time spent on pages, referral sources • Log Data: Date and time of visits and general technical logs • Analytics Data: Aggregate visitor statistics such as total visits, popular pages, and approximate geographic region (country-level only) via Wix Analytics This data is collected in a way that does not identify individual visitors. We do not store or process full IP addresses or other personally identifiable information for analytics purposes. Information You Provide We may collect personal information you voluntarily provide, including: • Contact Information: Email address and name (if you contact us or subscribe to updates) • Communication Data: Messages sent through contact forms or email • Subscription Data: Email preferences and subscription status Third-Party Information We may receive information about you from third-party sources, including: • Hosting and Analytics Providers: Wix.com (website hosting, analytics, and performance data) • Email Service Providers: Engagement metrics and delivery statistics (if applicable) • Social Media Platforms: When you interact with our social media content How We Use Your Information We use the information we collect for the following purposes: Site Operation and Improvement • Provide, operate, and maintain our website • Analyze general site traffic patterns and visitor engagement using aggregate data • Improve website performance, usability, and content relevance Communication • Respond to inquiries and provide customer support • Send administrative communications about the Site • Deliver requested content and updates Legal Compliance and Protection • Comply with applicable laws and regulations • Protect against fraudulent or unauthorized activity • Enforce our terms of service and other policies Analytics and Performance We use Wix Analytics, which utilizes first-party, privacy-friendly cookies to help us understand website traffic and usage patterns. • These cookies collect only aggregated, anonymous data and do not personally identify visitors. • We do not use Google Analytics, Meta Pixel, or any other third-party tracking tools. • You may disable cookies in your browser settings without affecting essential site functionality. If we introduce additional analytics or tracking services in the future, we will update this policy and seek consent where required by law. Information Sharing and Disclosure We may share your information only in the following circumstances: Service Providers We share limited data with trusted third parties who perform services on our behalf, including: • Web Hosting and Platform Services: Wix.com (website hosting, analytics, and performance monitoring) • Email Services: Email delivery and subscription management (if applicable) • Content Delivery: CDN providers for faster content delivery Legal Requirements We may disclose your information when required by law or to: • Comply with legal obligations or governmental requests • Protect our rights, property, and safety • Investigate potential violations or prevent fraud Business Transfers In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. You will be notified via email or website notice if such a change occurs. Cookies and Tracking Technologies We use the following types of cookies: • Essential Cookies: Required for core website functionality such as session management, load balancing, and security. • Analytics Cookies (Wix): Used to measure aggregate traffic and usage patterns in a privacy-friendly way. These cookies do not track individuals or collect personally identifiable information. You can manage or disable cookies through your browser settings at any time. Doing so will not affect your ability to access or use the Site. Data Security We implement appropriate technical, administrative, and physical safeguards to protect your information: • Technical: SSL/TLS encryption, secure hosting infrastructure, and regular updates • Administrative: Access controls and staff training on data protection practices • Physical: Secure data centers with access restrictions and backup systems Your Privacy Rights Depending on your location, you may have the following rights: • Access and obtain copies of your personal information • Request correction or deletion of inaccurate or outdated data • Object to or restrict certain types of processing • Withdraw consent (where processing is based on consent) • Lodge a complaint with a relevant supervisory authority California Residents (CCPA) California residents have rights under the California Consumer Privacy Act, including: • Right to know what personal information is collected • Right to delete personal information • Right to opt out of the sale of personal information • Right to non-discrimination for exercising privacy rights European Residents (GDPR) Residents of the European Union and United Kingdom have rights under the GDPR and UK GDPR, including: • Right of access, rectification, erasure, and restriction • Right to data portability • Right to object to processing based on legitimate interests • Right to lodge a complaint with a data protection authority Data Retention We retain your information for as long as necessary to provide our services, maintain our records, and comply with legal obligations. • Analytics Data (Wix): Retained in aggregate form with no personal identifiers • Log Files: Retained for up to 90 days for security and troubleshooting • Contact Information: Retained until you request deletion • Email Communications: Retained for up to 3 years for service purposes International Data Transfers Your data may be processed or stored in other countries where Wix or our service providers operate. Appropriate safeguards such as Standard Contractual Clauses and adequacy decisions are used to protect your information during international transfers. Children’s Privacy Our Site is not intended for children under 13 years of age. We do not knowingly collect personal information from children. If we learn that we have collected information from a child under 13, we will delete it promptly. Changes to This Privacy Policy We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. When we make material updates, we will: • Post the updated policy on this page • Update the “Last Updated” date at the top of this document • Provide notice on our homepage where required Your continued use of the Site after changes become effective constitutes acceptance of the updated policy. Third-Party Links Our Site may contain links to third-party websites or services. This Privacy Policy does not apply to those external sites. We are not responsible for the privacy practices or content of third-party websites. Contact Information If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: Email: info@cefref.com Website: www.migrainemind.com Company: Ceftronics Limited (Registered Company No: 11968089) Mailing Address: Suite 2a, Blackthorn House, St Pauls Square, Birmingham, UK B3 1RL Data Protection Officer For GDPR-related inquiries, please contact: Email: info@cefref.com Response Time We will respond to privacy-related requests within: • 30 days for standard inquiries • 45 days for complex requests (with notification of extension) • 72 hours for data breach notifications, where required Compliance Information This Privacy Policy complies with the following regulations: • California Consumer Privacy Act (CCPA) • General Data Protection Regulation (GDPR) • UK GDPR • Virginia Consumer Data Protection Act (VCDPA) • Colorado Privacy Act (CPA) • Connecticut Data Privacy Act (CTDPA) • Utah Consumer Privacy Act (UCPA) • Other applicable privacy laws and regulations Lawful Basis for Processing (GDPR) We process your personal data based on: • Legitimate Interests: Understanding site usage and improving functionality through aggregate analytics • Consent: For email communications and optional interactions • Contract: For service delivery and user support • Legal Obligations: To comply with relevant laws and data protection requirements --- Company Information: Ceftronics Limited Registered Company Number: 11968089 Suite 2a, Blackthorn House, St Pauls Square, Birmingham, UK B3 1RL © Ceftronics Limited 2025 Last Updated: August 21, 2025 This Privacy Policy is effective as of the date listed above and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page.