Privacy Policy for Shop Sitting Pretty
1. Introduction
At Shop Sitting Pretty (“we”, “us”, or “our”), accessible at shopsittingpretty.com, we are committed to safeguarding your privacy and protecting your personal data. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information in accordance with applicable data protection laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act of 2018 (“CCPA”), as amended. We take your privacy seriously and strive to manage your data responsibly and transparently.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of our website, shopsittingpretty.com, and governs all personal data collected through your interactions with our website and related services. For purposes of the GDPR and other applicable laws, Shop Sitting Pretty is the “Data Controller” responsible for determining the purpose and means of processing your personal data. If you have any questions regarding our data practices, you may contact us at [email protected].
3. Categories of Data Processed
We collect and process various categories of data to provide and improve our services. The categories of personal data we may process include:
a. Usage Data: Information automatically collected through use of our website, such as IP address, browser type and version, device identifiers, usage patterns, pages visited, session times, referring URLs, and other diagnostic data.
b. Account Data: Information you provide when creating an account, including your full name, billing and shipping address, email address, and telephone number.
c. Profile Data: Information linked to your use of our website, such as product preferences, purchase history, feedback, interests, and shopping behavior.
d. Communication Data: Records of contact with our support team, feedback correspondence, and other interactions, including queries submitted via email or website forms.
e. Technical Data: Information about your device and internet connection, including operating system, browser plug-in types, screen resolution, and network details.
f. Transaction Data: Details relating to purchases or services you obtain from us, such as payment information (handled by third-party payment processors), order history, and delivery tracking.
g. Preference Data: Your preferences regarding marketing communications, product category interests, and consent given for direct marketing or data collection purposes.
4. Legal Bases for Processing
We process your personal data under the following legal grounds as defined by the GDPR:
– Consent: Where you have explicitly consented to our use of your data (e.g., subscribing to newsletters, accepting cookies).
– Contractual Necessity: To perform our contract with you, such as fulfilling your orders or providing customer support.
– Legal Obligation: When required to comply with applicable laws or respond to legal process.
– Legitimate Interests: To operate and improve our business in ways that are not overridden by your data protection interests, such as website analytics, fraud prevention, and marketing (subject to opt-out rights).
5. Your Data Protection Rights
Under GDPR, CCPA, and other applicable laws, you have the following rights with respect to your personal data:
– Right of Access: You may request access to the personal data we hold about you.
– Right to Rectification: You may request correction of inaccurate or incomplete personal data.
– Right to Erasure (“Right to be Forgotten”): You may request deletion of your personal data where there is no lawful basis for continued processing.
– Right to Restriction of Processing: You may request that we temporarily or permanently suspend processing of all or some of your personal data.
– Right to Data Portability: You may request a transferable copy of your data for use with another service provider.
– Right to Object: You may object to processing based on our legitimate interests or for direct marketing purposes.
To exercise your rights, contact us at [email protected]. We will respond to all requests as required under applicable laws.
6. Security Measures
We have implemented robust organizational and technical security measures to protect your personal data against unauthorized access, loss, misuse, or destruction. These include:
– HTTPS encryption for secure data transmission;
– Role-based access control and authentication frameworks;
– Periodic data backups and disaster recovery procedures;
– Ongoing employee training in data protection and privacy awareness;
– Secure data storage using reputable hosting providers and services.
While no system is entirely immune to security breaches, we take data protection seriously and continually update our practices to address evolving threats.
7. International Transfers
If we transfer your personal data outside of the European Economic Area (EEA) or your region, we ensure appropriate safeguards are in place. Transfers may be subject to:
– Standard Contractual Clauses approved by the European Commission;
– Adequacy decisions by regulatory authorities;
– Derogations based on consent or contract fulfillment.
By using shopsittingpretty.com, you acknowledge and agree that your data may be transferred to, stored in, and processed outside your country of residence, where privacy laws may differ.
8. Data Retention
We retain your personal data only as long as necessary for the purpose it was collected or to satisfy legal, accounting, or reporting obligations. Retention periods vary by data type:
– Usage Data: Up to 12 months for analytical and security purposes.
– Account, Profile, and Transaction Data: Retained for 7 years after the last transaction for compliance and tax purposes.
– Communication Data: Retained for up to 3 years from last contact.
– Preference Data: Retained until withdrawn or amended by the user.
Upon expiry of retention periods, data is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar technologies on shopsittingpretty.com to enhance user experience, provide website functionality, perform analytics, and deliver personalized content. Categories of cookies we use include:
– Essential Cookies: Required for functioning of the website, such as login and cart functionality.
– Functional Cookies: Enhance usability and remember user preferences.
– Performance Cookies: Collect data on website performance and help us improve services.
– Analytics Cookies: Gather aggregate data for site usage trends (e.g., Google Analytics).
10. Cookie Management and Compliance
In accordance with GDPR and CCPA, we provide opt-in consent mechanisms for non-essential cookies. Upon visiting shopsittingpretty.com, you will be prompted to manage your cookie preferences. You may also adjust settings at any time via your browser or our cookie management tool. California residents can opt-out of sale of personal data through designated links consistent with the CCPA.
11. Protection of Children’s Data
Our website is not intended for use by individuals under the age of 13. We do not knowingly collect or solicit personal information from children. If we become aware that we have inadvertently gathered data from a user under 13, we will delete such information promptly. Parents or guardians with concerns may contact us at [email protected].
12. Policy Updates
We reserve the right to update this Privacy Policy to reflect changes to our practices or regulatory requirements. All updates will be posted to this page. Where required under applicable law, we will notify you of material changes and, if necessary, seek your renewed consent.
13. Contact Information
If you have questions, concerns, or wish to exercise your data protection rights, you may reach us at:
Email: [email protected]
Website: https://shopsittingpretty.com
Final Statement
We are committed to full compliance with all relevant privacy laws and to maintaining the trust and confidence of our users. Please contact us at any time with privacy concerns, and we will make every effort to respond swiftly and transparently.