Privacy Policy for Flourish Mama Haven
1. Introduction
At Flourish Mama Haven, accessible at flourishmamahaven.com, we are committed to safeguarding the privacy and personal data of every user who entrusts us with their information. This Privacy Policy outlines how we collect, use, disclose, and protect your personal information in full adherence to applicable data protection regulations, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant jurisdictions. We maintain a privacy-first approach in all aspects of our online operations.
Your trust is of paramount importance, and we are dedicated to ensuring that your personal data is handled responsibly, lawfully, and transparently.
2. Scope of This Policy and Our Role as Data Controller
This Privacy Policy applies to your use of the website flourishmamahaven.com (the “Site”), including all interactions, transactions, features, and communications undertaken through it. Flourish Mama Haven acts as the Data Controller for the personal data provided to or collected through this Site. If you have any questions, you may contact us at [email protected].
This Policy does not apply to third-party websites, applications, or services that may be linked from our Site.
3. Categories of Data Processed
We collect and process a range of personal data in accordance with your interactions with our Site:
a. Usage Data
We collect data related to how users interact with our Site. This may include IP addresses, operating system data, browser type, referral URLs, session timestamps, diagnostic logs, clickstream behavior, and other aggregated data associated with your browsing activity.
b. Account Data
When you create an account or make a purchase, we process information such as your full name, billing and shipping address, email address, and contact phone number.
c. Profile Data
Profile-related information includes your purchase history, browsing preferences, saved favorites, responses to surveys, demographic details, and behavioral trends on our Site.
d. Communication Data
We process correspondence including emails, contact form submissions, live chat messages, and customer support requests. This may also include call logs or email threads in response to service or product inquiries.
e. Technical Data
Device and system identifiers may be collected, such as unique device IDs, device models, operating system versions, browser plug-ins, application versions, and network information.
f. Transaction Data
In the course of managing orders and payments, we may process payment information (limited to secure tokens via payment gateways—no credit card numbers are stored by us), delivery details, transactional metadata, and confirmation statuses.
g. Preference Data
We collect your consent to receive email newsletters, marketing offers, or promotions, as well as recorded user preferences regarding product categories, wish lists, or topics of interest.
4. Legal Bases for Data Processing
In accordance with GDPR and CCPA, we rely on several legal bases to collect and process your personal data:
– Performance of a Contract: To process orders, deliver products/services, or respond to inquiries.
– Legitimate Interests: To improve the Site’s functionality, ensure security, and enhance user experience.
– Consent: For marketing communications, personalization features, and certain types of cookies.
– Legal Obligations: To comply with applicable tax, regulatory, or judicial requirements.
5. Your Rights
As a data subject, you are granted several rights under GDPR and CCPA. These include:
a. Right of Access: You have the right to request access to the personal data we hold about you.
b. Right to Rectification: You may request correction of any inaccurate or incomplete data.
c. Right to Erasure: You may request deletion of personal data where there is no legal ground for its continued retention.
d. Right to Restriction: You can request restriction of processing under certain conditions.
e. Right to Data Portability: You are entitled to receive your personal data in a structured, commonly used, and machine-readable format.
To exercise any of the above rights, please contact us at [email protected]. We may need to verify your identity before responding to any rights-based request.
6. Security Measures
We take comprehensive technical and organizational measures to ensure the protection of your personal data, including but not limited to:
– End-to-end encryption for data transmitted over the network;
– Access controls based on role and authorization;
– Regular encrypted backups of system data;
– Employee training in data protection and confidentiality;
– Secure hosting and isolation of sensitive data stores.
7. International Data Transfers
Where personal data is transferred outside of your jurisdiction—including to countries outside the European Economic Area (EEA) or outside California—the data is safeguarded through Standard Contractual Clauses approved by the European Commission or through other instruments that assure adequate levels of data protection and legal compliance.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including for legal, accounting, or contractual obligations. Specific retention periods include:
– Account and Transaction Data: Retained for a minimum of seven (7) years for tax and financial compliance.
– Communication Data: Retained for three (3) years following last contact.
– Marketing Preferences: Maintained until the user unsubscribes or withdraws consent.
– Technical Logs: Retained for no more than twelve (12) months unless required for security analysis.
9. Cookie Policy
Our Site uses cookies and similar tracking technologies to enhance your experience. Cookies fall into the following categories:
– Essential Cookies: Required for proper Site functionality such as login, cart usage, and secure navigation.
– Functional Cookies: Enable features such as language preference or user customization.
– Performance and Analytics Cookies: Help us understand how visitors use the Site, identify bottlenecks, and measure effectiveness.
– Marketing Cookies: Used to deliver personalized offers and advertisements based on your interactions with us.
10. Cookie Management and Compliance
Upon your first visit, you are given the option to manage your cookie preferences in accordance with GDPR and CCPA requirements. You may withdraw or modify your consent at any time by managing cookie settings via your browser, or using our built-in consent management tool.
Under CCPA, you have the right to opt-out of the sale or sharing of personal information gathered via cookies. While we do not sell personal data for monetary value, we honor such rights via our cookie preference center.
11. Children’s Privacy
We do not knowingly collect or process personal data from children under the age of 13. If it comes to our attention that such data has been collected, we will delete it promptly from our systems. Parents or legal guardians who believe their child has provided personal information to us may contact [email protected] to request deletion.
12. Policy Updates
We reserve the right to amend or update this Privacy Policy from time to time to reflect changes in legal obligations, service offerings, or best practices. Where material changes are made, users will be notified through appropriate means, which may include email notification or prominent disclosure on our Site.
13. Contact
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:
Email: [email protected]
Website: https://flourishmamahaven.com
We are committed to full compliance with data protection law and invite you to reach out if you believe your privacy rights have been violated or if you require clarification.