Privacy Policy

1. What Personal Data We Collect and Why

We collect and process personal data to provide and improve our services. This may include:

  • Personal Data: Name, email address, account preferences, and other information provided voluntarily (e.g., through registration or contact forms).
  • Transactional Data: Purchase history, payment details (handled securely by our payment processor).
  • Technical Data: IP address, browser type, cookies, and analytics data for site optimization.
  • Sensitive Data: We do not intentionally collect sensitive personal data (e.g., health information) unless explicitly provided by you with consent.

Legal Basis:

  • Consent: When you voluntarily provide data (e.g., signing up for a newsletter).
  • Contractual Necessity: To fulfill services you’ve requested (e.g., processing orders).
  • Legitimate Interests: Improving our website and services (e.g., analytics).

2. How We Collect Data

  • Direct Interactions: Contact forms, user registrations, comments, or purchases.
  • Automated Technologies: Cookies, analytics tools (e.g., Google Analytics), and third-party embeds (e.g., social media widgets).

Comments

If you leave comments, we collect the data shown in the comment form (name, email, IP address) to prevent spam.

Media

Uploaded files (e.g., images) may include embedded location data (EXIF GPS). Visitors can extract this from images on the site.

Contact Forms

Submissions are retained for [X months/years] for customer service purposes and are not used for marketing unless you explicitly consent.

Cookies

We use cookies to enhance user experience, including:

  • Necessary Cookies: For site functionality (e.g., login sessions).
  • Analytics Cookies: To track traffic (you can opt out via browser settings).

Analytics

We use [Google Analytics/Other] to analyze site usage. Data is anonymized, and you may opt out via [link to opt-out tool].

3. Who We Share Your Data With

We only share data with trusted third parties when necessary:

  • Payment Processors: [List, e.g., Stripe, PayPal] (see their privacy policies).
  • Hosting Providers: [Your hosting provider].
  • Legal Compliance: If required by law (e.g., court orders).

4. How Long We Retain Data

  • User Accounts: Retained until deletion is requested.
  • Contact Form Entries: [X months/years].
  • Analytics Data: [X months/years].

5. Your Rights Over Your Data

You may request:

  • Access, correction, or deletion of your data.
  • A copy of your data in a portable format.
  • Withdrawal of consent (where applicable).

To exercise these rights, contact us at [Your Contact Email].

6. Where Your Data Is Sent

Data may be processed outside the EU (e.g., via US-based services). We ensure safeguards like:

  • Standard Contractual Clauses (SCCs).
  • Privacy Shield (if applicable).

7. Data Protection Measures

We implement:

  • Encryption (SSL/TLS).
  • Regular security audits.
  • Staff training on data privacy.

8. Data Breach Procedures

In case of a breach, we will:

  • Notify affected users and authorities (if legally required).
  • Investigate and mitigate risks promptly.

9. Third-Party Data Sources

We may receive data from:

  • Advertisers (anonymized analytics).
  • Social media platforms (if you interact with our profiles).

10. Automated Decision-Making

We do not use automated profiling or decision-making that significantly affects users.

11. Regulatory Disclosures

[If applicable, e.g., “We comply with GDPR (EU) and CCPA (California).”]