Privacy Policy
1. Introduction
At Flourish Mama Haven (“we,” “us,” or “our”), accessible via flourishmamahaven.com (“the Website”), your privacy and the protection of your personal data is of paramount importance. We are fully committed to maintaining the security, confidentiality, and integrity of your personal information in accordance with applicable data protection laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”). This Privacy Policy describes how we collect, use, disclose, and safeguard your personal data, and outlines your rights as a user of our Website and services.
2. Scope of the Policy and Data Controller Role
This Privacy Policy applies to all personal data collected through the Website, whether through browsing, account registration, communication, or interaction with our services. For the purposes of the GDPR, Flourish Mama Haven is the data controller for any personal data collected through its Website and services. If you are a resident of California, this policy also outlines your rights under the CCPA.
By using flourishmamahaven.com, you consent to the processing of your personal information as described herein.
3. Categories of Data Processed
We process the following categories of personal data:
a. Usage Data
We collect non-identifiable information relating to your use of the Website. This includes, but is not limited to, IP addresses, browser type/version, pages visited, referring domains, session durations, and access timestamps.
b. Account Data
When you register an account or make a purchase, we may collect your full name, billing and shipping addresses, email address, phone number, and other similar identifying information.
c. Profile Data
We may collect optional data you provide that helps us personalize your experience, such as gender, interests, purchase history, and changes made to account preferences or behavioral patterns.
d. Communication Data
We retain all correspondence sent to us through contact forms, email requests, support inquiries, or other communication channels. This information may include your name, email address, and the content of your messages.
e. Technical Data
To ensure platform functionality and safety, we collect data about the devices you use, including device identifiers, operating system details, browser types, and configuration settings.
f. Transaction Data
If you make purchases through our Website, we collect data regarding transaction records, ordered products, payment methods (processed through secure third-party services), and delivery or fulfillment information.
g. Preference Data
We record your preferences related to marketing communications, newsletter subscriptions, participation in surveys, and product interests.
4. Legal Bases for Processing
We process personal data only when there is a lawful basis to do so under applicable laws. The principal legal bases we rely on include:
– Performance of a contract: to process orders and provide our services.
– Legitimate interests: to improve our website, prevent fraud, and analyze Site usage.
– Legal obligations: to comply with applicable financial, tax, or legal responsibilities.
– Consent: where required, we seek your explicit permission, especially for email marketing or use of non-essential cookies.
5. Your Rights
We fully respect your rights under applicable data protection laws. Subject to verification, you may exercise the following rights:
– Right of Access: to request details about the personal data we hold on you.
– Right to Rectification: to correct any inaccurate or incomplete personal data.
– Right to Erasure: to request deletion of personal data, subject to legal exceptions.
– Right to Restriction: to limit our processing under certain circumstances.
– Right to Data Portability: to receive a copy of your data in a commonly used format and transmit it to others.
– Right to Object: to specific uses of your data, including our marketing or analytics processes.
– Right to Lodge a Complaint: with the relevant data protection authority if you believe your rights have been infringed.
California residents also benefit from rights under the CCPA, including the right to opt-out from the “sale” of their data, access data we hold, and request deletion.
To exercise your rights, contact us at [email protected].
6. Security Measures
We implement technical and organizational measures to ensure the confidentiality, integrity, and availability of your personal data. These include, but are not limited to:
– Encryption of data during transfer and at rest where applicable.
– Role-based access control and multi-factor authentication for administrative accounts.
– Regular system updates and vulnerability assessments.
– Backups and disaster recovery mechanisms.
– Staff training and confidentiality agreements.
While we strive to use commercially acceptable means to protect your personal data, no system is impenetrable. You are responsible for maintaining the confidentiality of your own login credentials.
7. International Transfers
If you are accessing flourishmamahaven.com from outside the country of our server operation, please note that your data may be transferred internationally. We ensure that such transfers comply with applicable data protection laws by implementing appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission or similar arrangements under other jurisdictions.
8. Data Retention
We retain personal data only for as long as necessary for the purposes it was collected, including:
– Account Data: retained for as long as your account remains active.
– Transaction Data: retained for up to 7 years for legal and accounting purposes.
– Communication Data: retained for up to 3 years to manage customer relationships.
– Usage and Technical Data: retained for up to 24 months for analytics and security purposes.
– Marketing Preferences: retained until you revoke your consent or opt out.
We anonymize or destroy data securely once it is no longer necessary.
9. Cookie Policy
Flourish Mama Haven uses cookies and similar technologies to enhance user experience and analyze site traffic. These cookies fall into the following categories:
– Essential Cookies: necessary for Website functionality (e.g., login, cart).
– Functional Cookies: remember your preferences and enhance usability.
– Analytics Cookies: collect aggregated data on site usage (e.g., Google Analytics).
– Performance Cookies: help track performance and responsiveness of the Website.
10. Cookie Management and Compliance
When you first access the Website, you will be prompted with a cookie consent banner compliant with GDPR and CCPA regulations. You can manage cookie preferences at any time through your browser settings or through our on-site cookie settings tool.
We do not sell your personal data. Where required under the CCPA, you will be offered a clear “Do Not Sell My Personal Information” option when applicable.
11. Children’s Privacy
This Website is not directed to children under the age of 13. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected information from a child under 13, we will take reasonable steps to delete such data as soon as possible. Parents or guardians who believe their child has submitted personal data may contact us at [email protected].
12. Policy Updates
We reserve the right to periodically update this Privacy Policy to reflect legal, regulatory, or operational changes. Any substantive changes will be communicated to users via our Website banner, notification emails, or other appropriate channels. Continued use of flourishmamahaven.com constitutes your acceptance of the updated policy.
13. Contact Us
If you have any questions or concerns regarding this Privacy Policy or our practices surrounding your personal data, please contact us at:
Email: [email protected]
Website: https://www.flourishmamahaven.com
We are committed to maintaining compliance with applicable privacy laws and to safeguarding your personal information responsibly. Your trust is important to us. Please do not hesitate to contact us with any concerns related to data privacy.