Privacy Policy for storiesinevertoldmymother.com
At storiesinevertoldmymother.com (“we,” “us,” “our,” or the “Website”), we are committed to protecting the privacy, security, and rights of all individuals who interact with our digital platforms. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal information in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), as amended. Your privacy is our priority, and we are dedicated to maintaining a transparent and lawful approach to handling personal data.
1. Scope of this Privacy Policy and Our Role as Data Controller
This Privacy Policy applies to all personal data collected through the Website, storiesinevertoldmymother.com, including data gathered through user interactions such as browsing, subscriptions, contact forms, account registration, and any other means of engagement with our services. For the purpose of applicable data protection legislation, including the GDPR, the data controller responsible for your information is storiesinevertoldmymother.com. As such, we determine the purposes and means of processing your personal data.
2. Categories of Personal Data We Process
We may collect and process the following categories of personal data:
– Usage Data: Includes Internet Protocol (IP) address, browser type, operating system, referral paths, page views, session duration, and interactions with site features. This data is primarily collected via automated technologies such as log files and analytics tools.
– Account Data: Includes personal details provided when creating or updating an account, such as full name, physical address, email address, and telephone number.
– Profile Data: Includes data related to user behavior, purchase history, preferences, feedback, and browsing patterns across the Website.
– Communication Data: Includes data provided when you correspond with us via contact forms, email, or customer service channels, as well as our responses and internal notes related to that communication.
– Technical Data: Includes information about the devices you use to access the Website, such as device identifiers, hardware model, operating system/version, language settings, and system configuration.
– Transaction Data: Includes details related to product or service purchases, billing and shipping information, and payment method data (processed via secure third-party services; we do not store full payment information on our servers).
– Preference Data: Includes user-provided information about marketing preferences, communication consents, and product or service interests.
3. Legal Bases for Data Processing
We process your personal data lawfully under one or more of the following legal bases:
– Performance of a contract: When data processing is necessary for the performance of a contract with you or to take steps prior to entering into such a contract (e.g., fulfilling orders or managing your user account).
– Consent: When you have freely given explicit consent for a particular purpose, such as subscribing to our newsletter or consenting to non-essential cookies.
– Legitimate interests: When processing is necessary for our legitimate interests, provided such interests are not overridden by your fundamental rights or freedoms (e.g., Website optimization, fraud prevention).
– Compliance with legal obligation: When data processing is necessary to fulfill our legal responsibilities, including recordkeeping, regulatory compliance, or responding to lawful requests by public authorities.
4. Your Rights Under Data Protection Laws
Subject to verification and applicable limitations, you have the following rights in relation to your personal data:
– Right of Access: You may request confirmation of whether we process your personal data and obtain a copy of that data.
– Right to Rectification: You may request correction of inaccurate or incomplete personal information.
– Right to Erasure: You may request that we delete your personal data, subject to legal or contractual retention obligations.
– Right to Restrict Processing: You may request that we suspend the processing of your personal data under certain conditions.
– Right to Data Portability: You may request that we provide you with your personal data in a structured, commonly used, machine-readable format, or transmit it to another controller where feasible.
– Right to Object: You may object to the processing of your personal data based on legitimate interests or direct marketing purposes.
To exercise these rights, please contact us at [email protected]. We will respond in accordance with applicable legal timelines and requirements.
5. Security Measures
We apply rigorous security protocols to safeguard your personal data, including but not limited to:
– Data encryption in transit (SSL/TLS) and at rest where applicable
– Access controls, password-protected systems, and role-based permissions
– Routine security audits and vulnerability assessments
– Regular staff training on data protection and cybersecurity best practices
– Secure backup procedures and business continuity plans
While we implement suitable protective measures, no system can guarantee absolute security. Therefore, we encourage you to exercise caution and maintain personal vigilance when transmitting data online.
6. International Data Transfers
Your personal data may be transferred to, processed, and stored in locations outside of your country of residency, including servers located in jurisdictions that may not offer the same level of data protection as your local laws. Where such transfers occur, we utilize appropriate safeguards, including standard contractual clauses approved by the European Commission, to ensure your rights are preserved.
For California residents, we ensure that such transmissions comply with the CCPA’s protection standards and do not constitute a “sale” of personal information as defined under California law, unless specifically authorized.
7. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, including satisfying legal, contractual, accounting, or reporting requirements. Retention periods may differ based on the data category:
– Account and Transaction Data: Up to 7 years for tax and compliance purposes
– Communication and Support Data: Up to 2 years following final contact
– Cookie and Usage Data: Variable, typically 6–24 months, unless actively deleted
– Marketing Data: Retained until unsubscribed or opted out
8. Cookies and Similar Technologies
Our Website uses cookies and similar tracking technologies to enhance the browsing experience and provide relevant content. Categories of cookies we employ include:
– Essential Cookies: Required for Website functionality, such as navigation and security features
– Functional Cookies: Remember preferences (e.g., language, device settings)
– Analytics Cookies: Help us understand website usage through aggregate data analysis (e.g., Google Analytics)
– Performance Cookies: Monitor Website performance and detect errors or issues
These cookies may be set by us or third-party services we use. Where applicable, personal data collected via cookies will be processed in accordance with this Privacy Policy.
9. Cookie Management and Legal Compliance
As required under the GDPR and CCPA, we provide clear mechanisms for cookie consent and opt-out. On your first visit to storiesinevertoldmymother.com, you will be presented with a cookie banner where you can accept or customize your cookie preferences.
You may also modify your settings at any time via our Cookie Settings link or through your browser/device settings. Refusing non-essential cookies will not impact essential site functionality but may affect your overall user experience.
10. Special Considerations for Children
Our services are not intended for children under the age of 13. We do not knowingly collect or solicit personal data from minors. If we learn that we have inadvertently obtained personal information from a child under 13 without verified parental consent, we will take prompt action to delete such information. Parents or guardians who believe their child may have submitted personal data may contact us at [email protected].
11. Updates to this Privacy Policy
We reserve the right to update this Privacy Policy to reflect legal, technical, or operational changes. In the event of material changes, we will provide notice through our Website in a transparent manner. We encourage all users to review this policy periodically to remain informed about how their data is handled.
12. Contact Us
For any questions, concerns, or requests regarding your personal information or this Privacy Policy, please contact us at:
Email: [email protected]
We take all data protection inquiries seriously and strive to respond promptly and in compliance with all applicable legal requirements.
Compliance Statement
Storiesinevertoldmymother.com endeavors to maintain compliance with the data protection laws and standards applicable in all jurisdictions where we operate. If you have any concerns about how we process your personal data, please reach out to us so we may address your inquiry responsibly and transparently.