Privacy Policy for sarah-bailey.com
At sarah-bailey.com, we are committed to respecting and protecting the privacy of our users and responsibly managing all personal data you entrust to us. This Privacy Policy reflects our dedication to data protection, transparency, and compliance with applicable data privacy laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act of 2018 (“CCPA”), as amended.
Please read this Privacy Policy carefully to understand how we collect, use, store, share, and safeguard your personal information when you visit or use sarah-bailey.com (the “Website”).
1. Commitment to Privacy and Data Protection
We prioritize your right to privacy and are dedicated to maintaining the confidentiality, integrity, and availability of your personal data. Our goal is to ensure that any data you provide is processed in a secure, fair, and lawful manner, with transparency and respect for your individual rights and freedoms.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all processing of personal data via sarah-bailey.com and related services. For the purposes of data protection laws, the data controller responsible for your personal data is Sarah Bailey, owner and operator of sarah-bailey.com. You may contact the data controller regarding any privacy concerns at [email protected].
3. Categories of Data Processed
We collect and process various categories of personal data as part of providing services and operating our Website:
– Usage Data: Information automatically collected when you interact with sarah-bailey.com, including IP address, browser type, operating system, referral sources, pages visited, and session duration.
– Account Data: Personal information provided during account registration or order placement, such as full name, mailing address, email address, and telephone number.
– Profile Data: Preferences, purchase history, product views, behavioral interactions, and saved items used for personalization and analytics.
– Communication Data: Copies of correspondence, messages sent through contact forms, support inquiries, and email communication history.
– Technical Data: Information related to the device or platform used to access the Website, including screen size, language settings, time zone, and network identifiers.
– Transaction Data: Records of product purchases, including order amounts, items ordered, shipping and billing addresses, and limited payment details (note: full financial info is processed by third-party payment providers).
– Preference Data: Marketing consents, communication preferences, and interests in particular product categories or services, where provided.
4. Legal Bases for Processing
We collect and process personal data on the following lawful bases:
– Consent: Where you have voluntarily provided information and explicitly agreed to processing, such as newsletter subscriptions or marketing communications.
– Contractual Necessity: Processing is necessary to fulfill a contract with you, such as completing and delivering product orders.
– Legitimate Interests: For purposes such as fraud prevention, internal analytics, site improvement, and ensuring network and information security, provided our interest does not override your fundamental rights.
– Legal Obligation: When required to comply with statutory requirements, such as retaining invoices for tax purposes.
5. Your Rights Under Data Protection Laws
Depending on your residency and applicable law, you may have the following rights:
– Right of Access: Request access to the personal data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure (“Right to be Forgotten”): Request deletion of your data when no longer necessary for lawful processing.
– Right to Restrict Processing: Request temporary suspension of processing if you contest the accuracy or object to processing.
– Right to Data Portability: Receive your provided data in a structured, commonly used format or request it be transmitted to another controller.
– Right to Object: Object to data processing based on our legitimate interests or for direct marketing.
– Right to Withdraw Consent: Withdraw previously provided consent at any time.
To exercise any of these rights, please email [email protected] with your request. We may request additional information to verify your identity before fulfilling your request.
6. Security Measures
We take appropriate technical and organizational measures to secure personal data, which include:
– SSL encryption during data transmission
– Secure servers and firewalls
– Strict access control with role-based privileges
– Regular data backups
– Training of staff on privacy and information security best practices
While we implement robust safeguards, no transmission method over the internet or digital storage is completely immune to risk. We encourage users to maintain good cyber hygiene when accessing sarah-bailey.com.
7. International Transfers
Where data is transferred outside the European Economic Area (EEA) or equivalent jurisdictions, such transfers are governed by appropriate legal mechanisms, such as Standard Contractual Clauses approved by the European Commission, ensuring an adequate level of data protection consistent with EU standards.
8. Data Retention
We store personal data only for as long as necessary to achieve the purposes for which it was collected or to comply with legal and regulatory obligations.
– Usage Data: Retained up to 12 months for analytics
– Account and Profile Data: Retained while the user account remains active, and up to 2 years thereafter
– Communication and Support Data: Retained for 24 months from last interaction
– Transaction Data: Retained for 7 years for compliance with accounting laws
– Preference Data: Retained until consent is revoked or preference is updated
Data is permanently deleted or securely anonymized upon expiry of the applicable retention period.
9. Cookie Policy
Cookies are small files stored on your browser when you visit sarah-bailey.com. We use cookies for the following purposes:
– Essential Cookies: Necessary for the website to function, including session authentication and shopping cart functionality.
– Functional Cookies: Enable additional features like remembering login details or saving cart contents.
– Analytics Cookies: Collect aggregate data on website usage to help us enhance site performance and user experience.
– Performance Cookies: Measure system efficiency, such as page load times and responsiveness.
10. Cookie Management and Legal Compliance
You may manage your cookie preferences at any time by adjusting your browser settings or using our cookie management tool on sarah-bailey.com. By default, only strictly necessary cookies are active, and we request explicit consent before placing non-essential cookies in compliance with GDPR and CCPA. California residents may also opt out of the “sale” of personal information, as broadly defined under CCPA, by contacting us directly.
11. Special Protections for Children
sarah-bailey.com is not directed at children under the age of 13, and we do not knowingly collect information from them. If we become aware that personal data has been collected from a minor without parental consent, we will delete such information immediately. Parents or guardians who believe their child has submitted data should contact us at [email protected].
12. Policy Updates and Notification
We may revise this Privacy Policy from time to time to reflect changes in technology, legislation, or our operations. We will indicate material changes on sarah-bailey.com and, where appropriate, notify users by email. Continued use of the Website after such updates constitutes your acceptance of the revised Policy.
13. Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact:
Sarah Bailey
Email: [email protected]
We are committed to compliance with applicable privacy laws and welcome your feedback to help us honor our privacy obligations. If you believe your rights have not been respected, please contact us so we can address the issue promptly and responsibly.