Privacy Policy for Sugar & Succulents
1. Introduction
Sugar & Succulents values your privacy and places the highest importance on protecting your personal data. This Privacy Policy outlines how we collect, use, store, disclose, and protect your information. Our practices are grounded in transparency, accountability, and legal compliance, including adherence to the European Union’s General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”). We are committed to ensuring the confidentiality, integrity, and availability of your personal information.
2. Scope and Data Controller
This Privacy Policy applies to all personal data gathered through your use of the website located at sugarandsucculents.com (“the Website”), as well as any associated communications or transactions. Under applicable data protection laws, Sugar & Succulents, operating via sugarandsucculents.com, acts as the Data Controller for any personal data processed in accordance with this policy.
If you have any questions regarding this policy or how we handle your data, please contact us at [email protected].
3. Categories of Personal Data Processed
We collect various types of personal data via sugarandsucculents.com for legitimate purposes and to enhance your experience:
A. Usage Data: Includes data regarding how you interact with the Website, such as browser type, operating system, IP address, referral URLs, pages viewed, time spent on the site, and session logs.
B. Account Data: Includes your full name, billing and shipping addresses, email address, and phone number, typically submitted during account creation or checkout.
C. Profile Data: Includes preferences, interests, past purchases, product views, wishlist entries, and interactions with content or marketing campaigns.
D. Communication Data: Includes data submitted through contact forms, customer support interactions, submitted inquiries, and correspondence records.
E. Technical Data: Device-specific data such as device type, operating system version, screen resolution, mobile device identifiers, and system configurations used to access the Website.
F. Transaction Data: Includes payment information (processed securely via third-party processors), delivery instructions and history, invoice data, purchase and order history.
G. Preference Data: Includes your choices regarding marketing communications, product categories of interest, newsletter subscriptions, and participation in surveys or contests.
4. Legal Bases for Processing
We process your personal data based on the following lawful grounds as defined under GDPR and CCPA:
– Consent: Where you actively provide consent (e.g., subscribing to a newsletter).
– Contractual Necessity: To fulfill a service or transaction requested by you.
– Legitimate Interest: To understand user behavior, enhance performance, provide customer support, and ensure security, provided such interests are not overridden by your rights.
– Legal Obligations: To comply with regulatory and tax obligations.
5. Your Data Protection Rights
Under applicable data protection laws, you have the following rights:
– Right of Access: To request a copy of the personal data we hold about you.
– Right to Rectification: To correct incomplete or inaccurate data.
– Right to Erasure: To have your personal data deleted under certain circumstances.
– Right to Restriction: To prevent further processing of your data where applicable.
– Right to Portability: To receive your data in a structured, commonly used format and transmit it to another controller.
– Right to Object: To object to data processing where the legal basis is our legitimate interests or direct marketing.
To exercise any of these rights, please contact us at [email protected]. We will respond to your request in a manner consistent with applicable laws.
6. Security Measures
We implement appropriate technical and organizational measures to safeguard your personal data. These measures include:
– Data encryption (SSL) for secure transmission of data.
– Access controls to restrict personal data to authorized personnel only.
– Regular data backups and secure storage.
– Employee training on data privacy and protection best practices.
– Data minimization and pseudonymization protocols where applicable.
7. International Data Transfers
As sugarandsucculents.com may utilize third-party services and cloud platforms that operate outside your jurisdiction, your personal data may be transferred internationally. When such transfers occur, we ensure adequate safeguards through mechanisms such as Standard Contractual Clauses (SCCs) or reliance on third-party certifications adhering to privacy frameworks. These measures are designed to ensure that your data remains protected consistent with EU and U.S. standards.
8. Data Retention
We retain personal data only for as long as is necessary to fulfill the purposes for which it was collected or as required by applicable legal obligations. Retention periods include but are not limited to:
– Account and Transaction Data: Retained for up to 7 years for compliance with financial and tax regulations.
– Communication and Support Data: Retained for 24 months from the last interaction.
– Usage and Technical Data: Retained for 12 months for analytics and performance monitoring.
– Marketing Preference Data: Retained until you withdraw your consent or opt out.
Upon expiration of the applicable retention period, data is deleted or anonymized securely.
9. Cookie Policy
Our Website uses cookies and similar technologies to collect data and enhance user experience. These may include:
– Essential Cookies: Necessary for the basic functioning of the Website (e.g., shopping cart, login).
– Functional Cookies: Remember your preferences (e.g., language, region).
– Analytics Cookies: Monitor Website performance, user engagement, and behavior (e.g., Google Analytics).
– Performance Cookies: Optimize Website performance and load speeds.
Cookies placed by third-party platforms are subject to the third party’s privacy notices.
10. Cookie Management and Compliance
In compliance with GDPR and the CCPA:
– Upon first visit, users are presented with a cookie consent banner explaining the types of cookies used.
– You may choose to accept or reject non-essential cookies.
– You can manage or revoke your cookie preferences at any time via the Website’s Cookie Settings link or through your browser settings.
– California residents may also opt out of the sale or sharing of their personal information by contacting us or using the appropriate web form if available.
11. Children’s Privacy
Sugar & Succulents does not knowingly collect or solicit personal data from children under the age of 13. If we are made aware that information has been collected from a child under 13 without verified parental consent, we will delete such information immediately. If you believe that we may have collected personal information from a child, please contact us at [email protected].
12. Updates to This Policy
We may revise this Privacy Policy from time to time to reflect changes in regulatory obligations, our data practices, or technological advancements. Any material changes will be communicated through our Website or via email where applicable. Your continued use of sugarandsucculents.com following the update constitutes your acceptance of the revised terms.
13. Contact Information
If you have any questions, concerns, or complaints regarding this Privacy Policy or the way your personal data is handled, please contact us:
Email: [email protected]
Website: https://sugarandsucculents.com
We take privacy inquiries seriously and will respond in accordance with applicable data protection laws.
Sugar & Succulents is committed to maintaining your trust and ensuring that your privacy is respected and protected at all times. Please do not hesitate to reach out with any concerns about your personal information or our processing activities.