Privacy Policy for Elizabeth-Michelle.com
1. Introduction
At Elizabeth-Michelle.com, we are committed to respecting and safeguarding your privacy. This Privacy Policy reflects our dedication to data protection, transparency, and compliance with all applicable privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We handle your personal information responsibly, prioritizing data security, fair processing, and user choice.
2. Scope of This Privacy Policy and Role as Data Controller
This Privacy Policy governs the collection, use, disclosure, and protection of personal data collected through your use of the website elizabeth-michelle.com, and any related services or communications. For the purposes of the GDPR and relevant U.S. privacy legislation, Elizabeth-Michelle.com is the data controller of your personal data.
This policy applies to all visitors, users, and others who access the website or communicate with us through elizabeth-michelle.com.
3. Categories of Data We Process
We may collect and process the following categories of personal data, depending on your interactions with our website and services:
a) Usage Data
Includes information such as browser type and version, device identifiers, IP address, pages visited, referring URLs, time spent on pages, navigation paths, and session timings.
b) Account Data
Information provided when you register or create an account, including your full name, billing/shipping address, email address, and telephone number.
c) Profile Data
Includes your user preferences, purchase history, interests, and patterns of interaction with products and services on the website.
d) Communication Data
Records of communications with us, such as support requests, inquiries, email correspondence, chat histories, and other messages.
e) Technical Data
Device-specific details such as operating system, device type, browser settings, language preferences, and system configuration.
f) Transaction Data
Details of payments made through the site, including the date, payment method (excluding full card number), order contents, shipping addresses, and delivery tracking.
g) Preference Data
Marketing preferences, communication settings, newsletter subscriptions, and indicated interests or consent responses.
4. Legal Bases for Processing
We rely on a number of legal bases under the GDPR and, where applicable, the CCPA:
– Contractual Necessity: To fulfill our obligations in processing your orders, providing services, and responding to inquiries.
– Legitimate Interests: To improve our services, prevent fraud, ensure security, and manage communications.
– Consent: For sending marketing communications, setting non-essential cookies, and collecting certain types of preference data.
– Legal Obligation: To comply with applicable laws and regulatory requirements.
5. Your Privacy Rights
We respect your legal rights under the GDPR, CCPA, and other privacy frameworks. Depending on your location and applicable law, you have the following rights:
– Right of Access: You may request a copy of the data we hold about you.
– Right to Rectification: You may request that inaccurate or incomplete information be corrected.
– Right to Erasure: You may ask us to delete your data, subject to applicable retention obligations.
– Right to Restriction: You may request that we limit how we use your data in specific circumstances.
– Right to Data Portability: You may request your personal data in a structured, commonly-used format to transmit to another provider.
– Right to Object/Opt-Out: You may opt out of marketing communications or object to processing based on legitimate interests.
– Do Not Sell My Personal Information: California residents have the right to opt out of the “sale” of their personal data under the CCPA, if applicable.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We take robust measures to protect your personal information, including:
– Encryption of data at rest and in transit
– Role-based access controls with authentication requirements
– Regular system backups and secure storage
– Staff training and confidentiality agreements
– Monitoring for system vulnerabilities and unauthorized activity
While we endeavor to use commercially acceptable means to protect your data, no method of transmission over the Internet or electronic storage is entirely secure.
7. International Transfers
Where your data is transferred outside of your country of residence, such transfers are conducted in full compliance with applicable data protection laws. If you reside in the European Economic Area (EEA), we use Standard Contractual Clauses approved by the European Commission or rely on adequacy decisions to ensure appropriate safeguards during international transfers.
8. Data Retention
We retain personal data only for as long as is necessary for the purposes outlined in this policy, and as required by law:
– Account and Transaction Data: Retained for up to seven years for legal and accounting purposes.
– Communication Records: Retained for up to two years after last contact.
– Marketing Preference Data: Retained until consent is withdrawn or deemed expired.
– Usage and Technical Data: Retained for a maximum of 26 months for analytics and improvement purposes.
Data no longer required is securely erased or anonymized.
9. Cookie Policy
Elizabeth-Michelle.com uses cookies to improve user experience, analyze site performance, and provide personalized features. Cookies fall into the following categories:
– Essential Cookies: Necessary for site functionality, login, and order processing.
– Functional Cookies: Remember user preferences and enhance usability.
– Performance & Analytics Cookies: Collect anonymous data on site usage to improve functionality.
– Targeting/Advertising Cookies: Track browsing habits to show relevant ads (only if applicable and consented).
10. Cookie Management and Compliance
You can manage your cookie preferences at any time via your browser settings or through the cookie consent tool displayed upon your first visit. Where required by the GDPR or CCPA, we obtain explicit consent before placing non-essential cookies on your device.
For California users, we honor browser-based “Do Not Track” signals and provide opt-outs for any practices that may be deemed a sale of personal information.
11. Protection of Children’s Data
Our services are not directed toward, nor knowingly intended for, children under the age of 13. We do not knowingly collect personal data from children. If we become aware of such data being collected in error, we will promptly delete it. If you believe that a child under 13 has provided us with personal data, please contact us at [email protected].
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in technology, legal requirements, or our business practices. Material changes will be communicated to users via the website or direct notification, where appropriate.
You are encouraged to review this policy periodically to remain informed about how your personal data is processed.
13. Contact Us
If you have any questions, require assistance exercising your rights, or have concerns regarding this Privacy Policy or data practices at Elizabeth-Michelle.com, please contact us at:
Email: [email protected]
We are committed to complying with all applicable data protection laws and ensuring that your privacy rights are respected and protected.