Privacy Policy – elizabeth-michelle.com
1. Introduction
At elizabeth-michelle.com (“we,” “us,” or “our”), your privacy is of paramount importance. We are committed to safeguarding the personal data of our users and visitors and processing such information in a transparent, lawful, and respectful manner. This Privacy Policy outlines how we collect, use, store, disclose, and protect your personal information, in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the California Consumer Privacy Act (“CCPA”), and other applicable privacy laws.
2. Scope of This Policy and Role as Data Controller
This Privacy Policy applies to all users of the website located at elizabeth-michelle.com (“Website”) and describes how personal data is processed in the course of our interactions with you. For the purposes of the GDPR and other relevant regulations, elizabeth-michelle.com acts as the “data controller,” determining the purposes and means of the processing of your personal data. We are responsible for ensuring that your personal data is handled in full compliance with applicable laws.
3. Categories of Personal Data Processed
Depending on your interactions with us, we may collect and process the following categories of personal data:
a. Usage Data
This includes information about how you use our Website, such as your IP address, browser type and version, geographical location, referral sources, length of visit, pages viewed, and navigation paths. This data helps us maintain and optimize the performance of our website.
b. Account Data
When you create an account or engage with us directly, we may collect identifying information such as your full name, email address, mailing address, and telephone number.
c. Profile Data
Profile data encompasses your preferences, product history, feedback submissions, reviews, and behavioral data derived from your interaction with the site.
d. Communication Data
Includes any communication that you send to us, such as emails, customer service inquiries, support requests, or messages submitted via contact forms or chat features on the Website. We may also retain records of these communications for quality assurance and legal compliance.
e. Technical Data
This includes details collected from your device such as device model, operating system, system configurations, unique identifiers, and diagnostic data.
f. Transaction Data
Comprises details about purchases made through the Website, including payment method (excluding full credit card numbers), billing/shipping address, order history, and delivery status.
g. Preference Data
Captures your choices regarding marketing communications, subscription preferences, promotional activities, and content or product interests.
4. Legal Bases for Processing Personal Data
We process personal data in accordance with one or more of the following legal bases:
– Consent: Where applicable, we will rely on your clear consent to process specific categories of personal data, such as marketing preferences or cookies, in compliance with GDPR Article 6(1)(a).
– Contractual Necessity: When it is necessary to perform or enter into a contract with you, such as processing an order or delivering goods.
– Legitimate Interests: To pursue legitimate business interests, including analytics, improving website functionality, fraud prevention, and direct marketing (where legally permissible).
– Legal Obligation: Where processing is required for compliance with legal obligations to which we are subject.
5. Your Rights
In compliance with the GDPR and CCPA, you have the following rights in relation to your personal data:
– Right of Access: You may request access to personal data we hold about you.
– Right to Rectification: You are entitled to request correction of any inaccurate or incomplete data.
– Right to Erasure: You may request that we delete your personal data where legally required or permitted.
– Right to Restrict Processing: You may request restriction of processing under certain circumstances.
– Right to Data Portability: You may receive your data in a structured, commonly used, machine-readable format, and have it transmitted to another controller.
– Right to Object: You have the right to object to processing where we rely on a legitimate interest as our legal basis.
– Right to Withdraw Consent: Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of previous processing.
– Right to Non-Discrimination (CCPA): You have the right to exercise privacy rights freely and without discrimination.
To exercise any of your rights, please contact us at: [email protected]
6. Security Measures
We employ appropriate technical and organizational measures to protect your data from unauthorized access, disclosure, loss, or misuse. These measures include, but are not limited to:
– SSL encryption for secure data transmission
– Access control protocols and administrative safeguards
– Routine monitoring, patching, and system backups
– Employee training and confidentiality agreements
– Role-based access restrictions for data handling
7. International Data Transfers
Personal data collected through elizabeth-michelle.com may be transferred to, and stored or processed in, jurisdictions outside your own, including countries that may not provide the same level of data protection. Where such transfers occur, we ensure adequate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, to maintain the protection of your data and uphold your rights.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:
– Usage and Technical Data: Up to 12 months, for security and analytics;
– Account and Profile Data: For the life of the account and up to 2 years following closure;
– Communication Data: Up to 3 years after final contact;
– Transaction Data: Retained for 7 years for tax and accounting obligations;
– Preference Data: Until consent is withdrawn or data is updated.
Where data is no longer needed, we securely delete or anonymize it.
9. Cookie Policy
Cookies are small text files stored on your browser or device to enhance user experience. We use the following categories of cookies on the Website:
– Essential Cookies: Required for enabling core site functionality (e.g., navigation, access to secure areas);
– Functional Cookies: Support features such as pre-filled forms and user settings;
– Analytics Cookies: Help us understand how visitors interact with the site, allowing us to optimize content and layout;
– Performance Cookies: Monitor site performance and improve speed and responsiveness.
10. Cookie Management & Compliance
Users can manage or disable cookies at any time through browser settings or via our cookie consent banner. We allow users to opt-in or opt-out of non-essential cookies, in compliance with GDPR and CCPA requirements. Where required, we seek explicit consent before setting cookies for analytics or advertising purposes.
11. Children’s Privacy
Our website is not directed at children under the age of 13, and we do not knowingly solicit or collect personal data from children. If we become aware that data has been collected from a child without verifiable parental consent, we will take appropriate steps to delete such data without undue delay.
12. Updates to This Policy
We reserve the right to modify or update this Privacy Policy at any time. Any changes will be posted clearly on this page, and continued use of elizabeth-michelle.com after changes have been posted constitutes agreement to the updated terms. Where changes involve material alterations affecting your rights and obligations, we will provide additional notice or request renewed consent, where required.
13. Contacting Us
If you have any questions regarding this Privacy Policy, your personal data, or how we handle privacy matters generally, please contact us at:
Email: [email protected]
We are committed to privacy and data protection compliance and take all concerns seriously. We aim to address all inquiries in a timely and transparent manner.