Privacy Policy for sophiekarthauser.com
1. Introduction
At sophiekarthauser.com, we are firmly committed to protecting your personal data and upholding your privacy rights. We prioritize the confidentiality, integrity, and transparency of all interactions involving your information. This Privacy Policy outlines how we collect, use, disclose, and protect your personal information, ensuring full compliance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act of 2018 (“CCPA”).
2. Scope and Role of the Data Controller
This Privacy Policy applies to all users and visitors of sophiekarthauser.com (“the Website”). For purposes of data protection laws, the data controller responsible for your personal data is sophiekarthauser.com, managed by its registered operator. Any inquiries related to this Policy or requests concerning your data may be directed to [email protected].
3. Categories of Data Processed
We may collect and process the following categories of personal data through your use of the Website or by interacting with us directly:
a. Usage Data: Includes details of your interactions with the site such as IP address, browser information, pages visited, referring URLs, access times, and session data.
b. Account Data: Personal identifiers such as your full name, residential or billing address, email address, and phone number when you voluntarily provide these during account registration, purchases, or correspondence.
c. Profile Data: Demographic data, individual preferences, past product purchases, and behavioral patterns inferred from your activity and interactions with the Website.
d. Communication Data: Records of any communications you send us, including support inquiries, messages via contact forms, email correspondence, and other exchanges.
e. Technical Data: Information about the device you use to access the site, including device type, operating system, browser plugins, hardware settings, and screen resolution.
f. Transaction Data: Details regarding transactions on sophiekarthauser.com, such as billing and shipping addresses, products purchased, payment method details (excluding full credit/debit card numbers), and order history.
g. Preference Data: Information regarding your marketing preferences, newsletter subscriptions, and interests relating to our goods and services.
4. Legal Bases for Processing
Your personal data is processed based on lawful justifications including:
– Consent: Where you have explicitly given us permission to use your data for specific purposes (e.g., receiving marketing emails).
– Contractual Necessity: Where processing is essential for performing a contract with you or taking pre-contractual steps at your request.
– Legitimate Interests: Where processing is necessary for our legitimate interests, such as securing the Website, preventing fraud, understanding user behavior, or enhancing our services, provided such interests are not overridden by your fundamental rights.
– Legal Obligation: Where processing is required to comply with applicable laws and regulations to which we are subject.
5. Your Rights
In accordance with GDPR and CCPA, you are entitled to exercise the following rights concerning your personal data:
– Right of Access: Obtain a copy of the personal data we hold about you.
– Right of Rectification: Request correction of any incomplete or inaccurate data.
– Right to Erasure: Request deletion of your data under specified circumstances.
– Right to Restrict Processing: Limit how we process your information.
– Right to Data Portability: Receive your data in a structured, commonly used, and machine-readable format, and request its transmission to another controller.
– Right to Object: Oppose processing based on legitimate interests or direct marketing.
– Non-Discrimination (CCPA): Exercise your privacy rights without being discriminated against.
To exercise any of these rights, please contact us at [email protected]. We may require verification of your identity before proceeding with your request.
6. Security Measures
We implement robust organizational and technical safeguards to protect your personal data, including:
– End-to-end encryption of sensitive data in transit and at rest.
– Role-based access controls preventing unauthorized access.
– Frequent data backups and secure storage solutions.
– Staff training on confidentiality and data protection protocols.
While we strive to use acceptable means to protect your data, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.
7. International Data Transfers
Your personal data may be transferred and processed outside of your country of residence, including to jurisdictions that may not provide the same level of data protection. In these cases, we take appropriate safeguards, including the use of European Commission-approved Standard Contractual Clauses (SCCs) or equivalent measures in compliance with GDPR and CCPA requirements.
8. Data Retention
We retain personal data only for as long as is necessary for the purposes for which it was collected, subject to legal, tax, and regulatory requirements:
– Usage Data: Retained for 12 months for analytical purposes.
– Account Data: Retained during your active relationship and up to 6 years following termination.
– Profile and Preference Data: Retained for 2 years after your last interaction with the Website.
– Communication Data: Retained for up to 3 years for customer service reference.
– Transaction Data: Retained for 7 years for accounting and legal obligations.
– Technical Data: Retained temporarily during sessions and anonymized thereafter.
Upon expiration of retention periods, data is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar tracking technologies on sophiekarthauser.com to enhance user experience, analyze usage, and deliver tailored content. Categories include:
– Essential Cookies: Required for the operation of the Website, such as page navigation and secure login.
– Functional Cookies: Enhance functionalities like language preference and live chat.
– Analytics Cookies: Help us understand how users interact with the Website, thereby improving design and performance.
– Performance Cookies: Collect anonymous data to improve performance and reliability.
10. Cookie Management and Compliance
By accessing the Website, you will be presented with a clear cookie consent mechanism, allowing you to accept or manage your preferences. You may update your preferences at any time through your browser settings or our Cookie Management Tool.
Our cookie practices are designed to comply with GDPR’s Article 6(1)(a) and CCPA’s “Do Not Sell or Share My Personal Information” requirements.
11. Children’s Privacy
sophiekarthauser.com is not intended for children under the age of 13. We do not knowingly collect personal data from children. If we become aware that we have collected such data without parental consent, we will take appropriate steps to delete it. Parents or guardians who believe their child has provided personal information should contact us at [email protected].
12. Policy Updates
We reserve the right to update this Privacy Policy as needed to reflect legal, regulatory, or operational changes. Any modifications will be communicated to users via prominent notifications on the Website. Continued use following such changes constitutes acceptance of the updated policy terms.
13. Contact
If you have any questions, requests, or concerns regarding this Privacy Policy or the handling of your personal data, you may contact us at:
Email: [email protected]
We are committed to ensuring compliance with applicable data protection laws and providing transparent, responsible stewardship of your personal information.