Privacy Policy for sarah-bailey.com
1. Introduction
Sarah Bailey and the team behind sarah-bailey.com (“we”, “our”, or “us”) are fully committed to protecting and respecting your privacy. This Privacy Policy outlines our practices for processing personal data and is designed to ensure compliance with international data protection frameworks, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We are committed to transparency, accountability, and the responsible handling of your information.
2. Scope of Policy and Role as Data Controller
This Privacy Policy applies to individuals who visit, interact with, or use the services available through sarah-bailey.com and any related domains or digital platforms we own or operate. For the purposes of applicable data protection laws, Sarah Bailey, the legal owner of sarah-bailey.com, serves as the Data Controller for the personal information collected through this website.
If you have any questions regarding the handling of your data, you may contact us at [email protected].
3. Categories of Data Processed
We may collect and process the following categories of personal data:
a. Usage Data: This includes information about your browser type and version, IP address, pages visited, session durations, referring URLs, and similar analytical data.
b. Account Data: If you create an account or make a purchase, we collect your name, billing/shipping addresses, email address, and phone number.
c. Profile Data: Includes your preferences, purchase history, behavioral interactions on our site, and other information you voluntarily provide to enhance your experience.
d. Communication Data: Includes any messages, inquiries, feedback, or support requests sent through contact forms, email, or chat logs.
e. Technical Data: Consists of information about the device and operating system used to access sarah-bailey.com, including settings, browser plugins, and network identifiers.
f. Transaction Data: Information about payment methods, transaction details (excluding full credit card numbers, which are processed securely by third parties), delivery addresses, and order history.
g. Preference Data: Includes your communication preferences, marketing consent, frequency, product interests, and opt-in/opt-out choices.
4. Legal Bases for Processing Personal Data
We process your personal data under several lawful bases as defined under GDPR and CCPA:
– Consent: Where you have provided clear consent for us to process your personal data for a specific purpose (e.g., receiving newsletters).
– Contractual Necessity: To fulfill our obligations under a contract with you, such as processing and fulfilling orders.
– Legal Obligation: Where processing is necessary for compliance with a legal or regulatory obligation.
– Legitimate Interests: Where processing is necessary for our legitimate business interests, and these interests do not override your data protection rights (e.g., fraud detection, website improvement).
5. Your Rights
If you are located in a jurisdiction with privacy laws such as the GDPR or CCPA, you are entitled to the following rights concerning your personal data:
– Right to Access: Request a copy of your personal data we hold.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your data where there is no legal reason for us to retain it.
– Right to Restriction: Request that we suspend processing of your personal data.
– Right to Portability: Request to receive your data in a structured, machine-readable format or have it transferred to another data controller.
You may exercise these rights by contacting us at [email protected]. We may need to verify your identity before fulfilling your request.
6. Security Measures
We implement robust, industry-standard security practices to protect personal data, including:
– Data encryption for information in transit and at rest
– Access control systems limiting personnel access to sensitive data
– Regular backups and failover systems for resilience
– Mandatory confidentiality agreements and data privacy training for all staff
Despite our best efforts, no security system is entirely impenetrable. Therefore, individuals assume some level of inherent risk in transmitting data to sarah-bailey.com.
7. International Transfers
Your data may be transferred to and processed in countries outside your own jurisdiction. In such cases, we ensure that standard contractual clauses approved by the European Commission or equivalent safeguards are in place to protect your rights and comply with applicable laws.
8. Data Retention
We retain your personal data only as long as necessary to fulfill the purposes stated in this Policy and to comply with legal preservation requirements:
– Account and Profile Data: Retained for the duration of your active account and a reasonable period thereafter for audit and support.
– Transaction Data: Retained for up to 7 years to meet tax and contractual obligations.
– Technical, Usage, and Communication Data: Retained for up to 24 months for analytics and quality control.
After the expiration of applicable retention periods, your data is securely deleted or anonymized.
9. Cookie Policy
sarah-bailey.com uses cookies and related technologies to enhance your browsing experience. The types of cookies we use include:
– Essential Cookies: Required for basic website functionality and secure access.
– Functional Cookies: Enhance usability by remembering settings and user choices.
– Analytics Cookies: Collect aggregated data on user behavior to improve our website.
– Performance Cookies: Track performance to optimize site speed, navigation, and experiences.
10. Cookie Management and Compliance
Upon visiting sarah-bailey.com, users are presented with a cookie consent banner. You may manage your consent preferences directly through our cookie settings panel or by adjusting your browser settings to block or delete cookies.
In accordance with GDPR and CCPA, we require affirmative opt-in for non-essential cookies. Analytics and marketing cookies will not be activated unless explicitly consented to by the user.
11. Children’s Privacy
sarah-bailey.com does not knowingly collect personal data from children under the age of 13. If we become aware that such data has been inadvertently collected, we will delete it promptly. Parents or guardians who believe their child has submitted personal data are encouraged to contact us at [email protected].
12. Policy Updates & User Notifications
We may revise this Privacy Policy from time to time to reflect changes in legal, technical, or business developments. Updates will be posted on this page, and you may be notified of material changes via email or on-site messaging where required by law. Continued use of sarah-bailey.com indicates agreement with the current version of this Policy.
13. Contact
For any questions, concerns, or requests regarding your personal data or this Privacy Policy, please reach out to us at:
Email: [email protected]
—
We are fully committed to safeguarding your privacy and ensuring compliance with all applicable data protection laws, including the GDPR and CCPA. For further assistance or to exercise your privacy rights, contact our team at the email address provided.