Privacy Policy for Graceful Mama HQ
1. Introduction
At Graceful Mama HQ (“we,” “us,” or “our”), accessible at gracefulmamahq.com, we are committed to safeguarding the privacy and personal data of our community. We recognize the importance of privacy and are dedicated to maintaining the confidentiality, integrity, and security of information entrusted to us. This Privacy Policy outlines the principles and practices through which we collect, process, store, and use personal data in compliance with the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”) and other applicable data protection laws.
2. Scope of Policy and Role as Data Controller
This Privacy Policy applies to all users and visitors of gracefulmamahq.com, and to all services and communications in connection with the site. We act as the “data controller” under the GDPR with respect to the personal data we collect, meaning we determine the purpose and manner of processing your data. For users covered under the CCPA, we are considered a “business” and comply with requirements concerning the collection, use, and disclosure of personal information.
3. Categories of Data We Process
We collect and use various types of personal data to provide, maintain, and improve our services. The categories include:
a. Usage Data
Information about how you use our website, including your IP address, browser type, pages visited, time spent on pages, referring URLs, and other diagnostic data.
b. Account Data
Information you provide to create or maintain an account, such as your full name, email address, postal address, and phone number.
c. Profile Data
Information derived from your interactions with gracefulmamahq.com, including your preferences, purchase history, browsing behavior, and saved items.
d. Communication Data
Records of communications between you and Graceful Mama HQ, including emails, support inquiries, feedback, and messages submitted through our contact forms.
e. Technical Data
Details about the devices and technology you use to interact with the site, including operating system, browser settings, device identifiers, and screen resolution.
f. Transaction Data
Details related to purchases made on or through the site, including payment information (processed securely through third-party providers), order history, and delivery details.
g. Preference Data
Your selected preferences about marketing communications, product interests, subscription settings, and cookie consent choices.
4. Legal Bases for Processing
We process your personal data based on the following legal grounds:
– Consent: When you have explicitly agreed to the processing of your data, for example, by signing up to our newsletter.
– Contractual Necessity: When processing is necessary to fulfill a contract with you, such as delivering products or managing your account.
– Legal Obligation: When we are required by law to retain or disclose certain information.
– Legitimate Interests: When processing supports our operational functions, such as website maintenance, fraud prevention, analytics, or personalized user experience, provided that such interests are not overridden by your privacy rights.
5. Your Rights Under Data Protection Laws
As a data subject, you have the following rights regarding your personal data:
– Right of Access: You have the right to request a copy of the personal data we hold about you.
– Right to Rectification: You may request correction of inaccurate or incomplete data.
– Right to Erasure: You may request deletion of your personal information in certain circumstances.
– Right to Restriction: You may ask us to restrict the processing of your data under certain conditions.
– Right to Portability: You may receive personal data in a structured, commonly used format and request transmission to another controller.
– Right to Object: You have the right to object to the processing of your data where we rely on legitimate interests or for direct marketing purposes.
– Right to Withdraw Consent: You may withdraw your consent at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, please contact us at [email protected] with the subject line “Data Privacy Request”.
6. Security Measures
We implement robust technical and organizational measures designed to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. Our security practices include, but are not limited to:
– Encryption of personal data during transmission and at rest.
– Regular audits and vulnerability assessments.
– Access controls and authentication protocols for authorized personnel.
– Secure backup and disaster recovery procedures.
– Ongoing training for staff on data protection best practices.
7. International Data Transfers
If your data is transferred outside of the European Economic Area (EEA) or California, we ensure such transfers are made in compliance with applicable data protection laws. We use safeguards such as the European Commission’s Standard Contractual Clauses and ensure that destination countries provide adequate protection for your information.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required or permitted by law. Retention periods typically include:
– Account Data: Retained for as long as the account remains active or until a deletion request is received.
– Transaction Data: Retained for 7 years for accounting and tax compliance.
– Communication Data: Retained for 2 years after resolution of the inquiry.
– Usage and Technical Data: Retained for up to 12 months for analytics and troubleshooting.
– Marketing Preferences: Retained until you unsubscribe or withdraw consent.
9. Cookie Policy
Graceful Mama HQ uses cookies and similar tracking technologies to deliver a tailored and efficient user experience. Cookies are placed on your device to:
– Essential Cookies: Enable core functionality such as page navigation and secure access.
– Functionality Cookies: Remember preferences, account logins, and past actions.
– Analytics Cookies: Help us understand how users interact with our site, allowing for improvements.
– Performance Cookies: Monitor website performance and user behavior for optimization.
10. Cookie Management & Compliance
Users are presented with cookie consent options upon first visit in accordance with GDPR and CCPA. You may manage or withdraw your consent at any time by adjusting your browser settings or using our cookie control tools. If you are a California resident, you have the right to opt out of the sale or sharing of personal information through cookie identifiers.
To learn more about managing cookies or to submit a “Do Not Sell My Personal Information” request, please email us at [email protected].
11. Children’s Privacy
Graceful Mama HQ does not knowingly collect or solicit personal data from children under the age of 13. If we learn that we have inadvertently collected such information, we will take prompt steps to delete it. If you believe that a child has provided us with personal data without parental consent, please contact us immediately at [email protected].
12. Policy Updates
We may revise this Privacy Policy from time to time to reflect changes in legal requirements, our services, or data processing practices. We will notify users of material changes through our website or direct communication, and continued use of gracefulmamahq.com will constitute your acceptance of the revised terms.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, you may reach out to us at:
Email: [email protected]
Website: https://gracefulmamahq.com
We are committed to upholding your privacy rights and complying with current data protection laws. If you believe your rights have been violated, we encourage you to contact us, and we will respond promptly and appropriately.