Privacy Policy for sophiekarthauser.com

1. Introduction

We at sophiekarthauser.com are committed to safeguarding your personal data and respecting your privacy rights. This Privacy Policy outlines how we collect, use, disclose, and securely manage your personal data. We recognize and value the trust you place in us when you use our services and visit our website, and we are fully committed to ensuring the confidentiality and integrity of your information in line with applicable data protection regulations, including the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

2. Scope of This Policy and Data Controller Role

This Privacy Policy applies to your use of the sophiekarthauser.com website and all associated services, platforms, communications, and tools (collectively, the “Services”). For the purposes of relevant data protection law, the data controller of your personal information is Sophie Karthauser, reachable via [email protected].

3. Categories of Data Processed

We may collect, use, store, and transfer various types of personal data as described below:

– Usage Data: Information about how you use our website, including browser type and version, IP address, time zone setting, pages visited, referral sources, and interactions with website features.

– Account Data: Information provided when you create an account or interact with our services, such as your name, email address, physical or mailing address, and phone number.

– Profile Data: Preferences, feedback, purchase history, browsing activities, and behavioral data relevant to your interaction with our services.

– Communication Data: Records of correspondence, support inquiries, messages sent through contact forms, and any other direct interactions or feedback provided.

– Technical Data: Information captured about the device and system you use to access our Services, including device model, operating system details, unique device identifiers, and browser configurations.

– Transaction Data: Details of products or services you have purchased, payment details, billing and delivery addresses.

– Preference Data: Your selected communication options, marketing and notification preferences, and information regarding your interests relevant to our services.

4. Legal Bases for Processing

We process your personal data only where a lawful basis applies under GDPR and corresponding provisions of the CCPA. These bases include:

– Consent: When you have given clear permission for us to process your data for specified purposes.
– Contractual Necessity: When processing is necessary for the performance or initiation of a contract with you.
– Legal Obligation: When processing is necessary to comply with relevant legal or regulatory obligations.
– Legitimate Interests: When processing is required for our legitimate business interests (e.g. improving our services, website functionality, or marketing effectiveness), and these are not overridden by your data protection rights.

5. Your Data Protection Rights

Depending on your location and applicable legislation, you have specific rights under data protection law, including:

– Right of Access: You may request details of the personal data we hold about you.
– Right to Rectification: You have the right to request correction of inaccurate or incomplete data.
– Right to Erasure: You may request the removal of your personal data, subject to certain legal exceptions.
– Right to Restriction: You may request the restriction of our processing of your data under certain circumstances.
– Right to Data Portability: You may request a copy of your data in a structured, machine-readable format and have that data transmitted to another controller.
– Right to Object: You may object to our processing of your data based on legitimate interests or for direct marketing purposes.
– Right to Withdraw Consent: Where we rely on consent to process your information, you can withdraw it at any time.

To exercise your rights, please contact us via [email protected].

6. Security Measures

We implement a comprehensive suite of technical and organizational security measures to protect your personal data from unauthorized access, disclosure, alteration, or destruction. These include, but are not limited to:

– Use of secure encryption protocols (such as HTTPS and SSL/TLS)
– Role-based and restricted access control
– Regular data backups and redundancy safeguards
– Up-to-date server and software configurations with proactive patching
– Staff training in data protection and information security best practices

7. International Transfers

If and where we transfer personal data to countries outside the European Economic Area or other regions with data protection laws that differ from those in your jurisdiction, we ensure that such transfers are legally permitted and appropriately safeguarded. These mechanisms include Standard Contractual Clauses approved by the European Commission and compliance with other applicable cross-border data transfer frameworks.

8. Data Retention

We retain personal data only for as long as is necessary to fulfill the purposes for which it was collected, including the fulfillment of legal, regulatory, tax, accounting, or reporting obligations. Retention periods by data type include:

– Usage & Technical Data: up to 12 months
– Account & Profile Data: for the duration of the user relationship and up to 36 months afterward
– Transaction Data: 7 years (to comply with financial and tax laws)
– Communication Data: 18 months
– Preference Data: until consent is withdrawn or updated

Upon expiration of these periods, data is securely deleted or anonymized for analytical purposes.

9. Cookie Policy

We use cookies and similar technologies on sophiekarthauser.com to enhance user experience, personalize content, and analyze website traffic. Cookies fall under the following categories:

– Essential Cookies: Necessary for core website functionality and navigation.
– Functional Cookies: Enable site personalization, remembering user preferences and past interactions.
– Analytics Cookies: Collect anonymous data to understand how visitors use the website and identify areas for improvement.
– Performance Cookies: Help us monitor website performance and server responsiveness under different load conditions.

10. Cookie Management and GDPR/CCPA Compliance

Upon first visit to sophiekarthauser.com, users are presented with a cookie consent mechanism in compliance with GDPR requirements. You may modify your cookie preferences at any time using the cookie settings panel found on our website. California residents may opt-out of the sale of personal information or request further details about cookie usage under CCPA provisions. Most modern browsers also permit users to refuse or delete cookies by adjusting browser settings.

Please note that disabling certain cookies may impair certain website functionalities.

11. Children’s Privacy

Our services are not intended for individuals under the age of 13, and we do not knowingly collect personal data from children. If you believe a child’s personal information has been inadvertently collected through sophiekarthauser.com, we encourage a parent or guardian to contact us at [email protected] so we can take appropriate actions to delete such data.

12. Policy Updates and User Notifications

We may update this Privacy Policy periodically to reflect changes in our practices, laws, or service offerings. Changes will be posted on this page and, where appropriate, we will notify you via email or website notice. We encourage you to review this Privacy Policy regularly to remain informed of your rights and our obligations.

13. Contact

For any questions about this Privacy Policy, your personal data, or to exercise your rights, please contact us at:

Email: [email protected]
Website: https://www.sophiekarthauser.com

We are committed to full compliance with all applicable data privacy laws and regulations. If you have concerns regarding your data privacy rights, we encourage you to reach out to us.