1. PERSONAL INFORMATION WE COLLECT, PURPOSE, AND LEGAL GROUNDS
1.1 COMMUNICATION DATA
Communication Data includes any information you send to us through the contact form on our website, blog comments, emails, text messages, or social media messages. We process this data to communicate with you, maintain records, and pursue or defend legal claims. Our lawful ground for this processing is our legitimate interests in responding to your communications and managing legal matters.
1.2 CUSTOMER DATA
Customer Data includes data related to purchases of goods and/or services, such as your name, title, company, billing address, delivery address, email address, phone number, contact details, purchase details, and card details. We process this data to fulfill your orders and maintain transaction records. Our lawful ground for this processing is the performance of a contract between you and us.
1.3 MARKETING DATA
Marketing Data comprises data about your marketing preferences and communication preferences. We process this data to offer promotions, deliver relevant website content and advertisements, and analyze advertising effectiveness. Our lawful ground for this processing is our legitimate interests in studying customer usage, improving our products/services, and developing our business.
1.4 USER DATA
User Data consists of data about your website and online service usage, as well as any data you publish on our website or through other online services. We process this data to operate our website, provide relevant content, ensure website security, maintain backups, and manage our online services. Our lawful ground for this processing is our legitimate interests in administering our website and business.
1.5 OPT-IN DATA
Opt-In Data includes the name and email address you provide when subscribing to our email newsletter or signing up for freebies. We process this data to send you theme updates, website updates, new shop items, free resources, occasional promotions, and special offers. Our lawful grounds for this processing are consent and legitimate interests in marketing our products/services and growing our business. You can opt-out from these emails anytime.
1.6 TECHNICAL DATA
Technical Data covers data about your website and online service usage, including your IP address, login data, browser details, visit duration, page views, navigation paths, and device information. We process this data to analyze usage, protect our business and website, deliver relevant content and advertisements, and understand advertising effectiveness. Our lawful ground for this processing is our legitimate interests in administering our website and business, as well as developing our marketing strategy.
2. HOW WE COLLECT PERSONAL INFORMATION
2.1 DIRECT COLLECTION
We collect data directly from you when you provide information through forms on our site or by sending us emails.
2.2 AUTOMATIC COLLECTION
Additionally, we may automatically collect certain data using cookies and similar technologies as you use our website.
2.3 THIRD-PARTY COLLECTION
We may also receive data from third parties such as analytics providers (e.g., Google), advertising networks (e.g., Facebook, Instagram, Pinterest), search information providers (e.g., Google), technical service providers, and payment and delivery services.
3. MARKETING COMMUNICATIONS
We process your personal data for marketing communications based on either your consent or our legitimate interests in growing our business. Under the Privacy and Electronic Communications Regulations, we may send you marketing communications if you have made a purchase, requested information about our goods or services, or agreed to receive marketing communications and have not opted out since. If you are a limited company, we may send you marketing emails without your consent. However, you can opt-out of receiving marketing emails from us at any time, and we will seek your express consent before sharing your data for third-party marketing purposes.
4. DISCLOSURES OF YOUR PERSONAL DATA
4.1 SERVICE PROVIDERS
We may share your personal data with service providers for IT and system administration services.
4.2 GOVERNMENT BODIES
We may also share your data with government bodies when required to report processing activities.
4.3 PAYMENT PROCESSORS
Your payment data may be shared with payment processors to handle your payments for our goods or services.
4.4 NEWSLETTER PROVIDERS
We use newsletter service providers to send marketing emails.
We ensure that all third parties receiving your data respect its security and process it according to the law. We only allow such third parties to process your data for specific purposes and in accordance with our instructions.
5. THIRD-PARTY WEBSITES
Our website may contain advertisements or content linked to third-party sites and services. We are not responsible for the practices employed by these sites and their privacy policies. Please be aware that these sites and services have their own terms and policies, which may differ from ours.
6. DATA RETENTION
We will retain your personal data only for as long as necessary to fulfill the purposes we collected it for, including any legal, accounting, or reporting requirements. We assess the appropriate retention period based on the data’s nature, sensitivity, potential risk of harm, processing purposes, and legal requirements.
7. YOUR LEGAL RIGHTS
8. INTERNATIONAL TRANSFERS
When transferring data to third parties outside the European Economic Area (EEA), we ensure adequate safeguards for your personal data. These safeguards may include using European Commission-approved countries with an adequate level of data protection, utilizing EU-based providers adhering to the EU Privacy Shield, or using specific contracts, codes of conduct, or certification mechanisms approved by the European Commission. In the absence of these safeguards, we will seek your explicit consent for the specific transfer and allow you to withdraw consent at any time.
9. DATA SECURITY
We have implemented security measures to prevent unauthorized access, disclosure, alteration, or loss of your personal data. Access to your personal data is limited to authorized partners with a legitimate need to access such information, and they must treat it confidentially. In the event of a suspected personal data breach, we will promptly notify you and the relevant regulator if legally required.
10. CHANGES TO THIS POLICY
For further information or questions, please contact us at firstname.lastname@example.org.
Last Updated: August 3rd, 2023