Privacy Policy
1. Introduction
At SarahMaloy.com, we are firmly committed to safeguarding your personal data and respecting your right to privacy. This Privacy Policy outlines the manner in which we collect, use, store, and disclose your personal information in compliance with applicable data protection laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”). We take a privacy-first approach, ensuring that any personal data entrusted to us is processed lawfully, transparently, and for a legitimate purpose.
2. Scope of the Policy and Data Controller Role
This Privacy Policy applies to visitors, users, and customers of the website located at sarahmaloy.com (the “Website”). The data controller responsible for the processing of your personal data under this Privacy Policy is Sarah Maloy.
For the purposes of applicable data protection legislation, the data controller of personal data collected through the Website is:
Sarah Maloy
Contact Email: [email protected]
This Privacy Policy does not apply to any third-party websites, services, or applications that may be linked to or accessible via sarahmaloy.com.
3. Categories of Personal Data We Process
We may process the following categories of personal data, depending on your interaction with the Website:
– Usage Data: Includes information about your visits, such as browser type, IP address, geographical location, pages visited, time spent on the site, and navigation patterns.
– Account Data: Includes your name, email address, phone number, and mailing address provided when you create an account or contact us.
– Profile Data: Includes your preferences, prior purchases, interactions with content, and behavioral trends derived from your usage of the Website.
– Communication Data: Includes records of correspondence, customer service inquiries, support tickets, and any feedback submitted.
– Technical Data: Includes information collected from your device such as operating system, browser configuration, screen resolution, and unique device identifiers.
– Transaction Data: Includes details related to payments you make through the Website, including billing information, transaction history, and delivery information.
– Preference Data: Includes your marketing communication preferences and expressed interests relevant to our products, services, or content.
4. Legal Bases for Processing
We process your personal data only where there is a legal basis to do so under applicable data protection regulations. The primary legal grounds include:
– Consent: When you have clearly given consent for us to process your personal data for a specific purpose.
– Contract: Where processing is necessary for the performance of a contract to which you are a party, or for taking steps prior to entering into a contract.
– Legal Obligation: Where processing is necessary for compliance with a legal obligation to which we are subject.
– Legitimate Interests: Where processing is necessary for our legitimate interests, provided that such interests are not overridden by your data protection rights and freedoms.
5. Your Rights
Under the GDPR and CCPA, you have specific rights concerning your personal data. These include:
– Right of Access: You may request access to the personal data we hold about you.
– Right to Rectification: You may request that we correct inaccurate or incomplete data.
– Right to Erasure: You may request deletion of your personal data in certain circumstances, such as when it is no longer necessary or you withdraw consent.
– Right to Restriction: You may request that we limit the processing of your data in specific scenarios.
– Right to Data Portability: You may request a copy of your data in a structured, commonly used, and machine-readable format.
– Right to Object: You may object to the processing of your data based on legitimate interests or direct marketing.
– Non-Discrimination: We will not discriminate against you for exercising your rights under the CCPA.
To exercise your rights, please contact us at [email protected]. We may need to verify your identity before fulfilling your request.
6. Security Measures
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk. These include:
– Data encryption at rest and in transit
– Role-based access controls with strong authentication
– Regular security monitoring and audits
– Secure data backups and redundancy procedures
– Employee data protection training and confidentiality agreements
While we strive to protect your personal data, no system can be completely secure. You are also responsible for maintaining the confidentiality of your passwords and user credentials.
7. International Data Transfers
We may transfer and process your data outside of the jurisdiction in which you reside, including to countries not offering the same level of data protection. When we do so, we ensure adequate safeguards are in place, such as the European Commission’s Standard Contractual Clauses or other legally acceptable means.
By using the Website or providing your personal data, you consent to these transfers in accordance with applicable data protection laws.
8. Data Retention
We retain personal data for as long as necessary to fulfill the purpose for which it was collected and to comply with our legal and contractual obligations. Retention periods vary by data type but typically include:
– Usage Data: Retained for up to 12 months for analytical and security purposes.
– Account Data: Retained for as long as the account remains active and for up to 6 years thereafter to maintain records.
– Transaction Data: Retained for up to 7 years in compliance with financial regulations.
– Communication Data: Retained for up to 3 years for customer service and support tracking.
– Preference Data: Retained until consent is withdrawn or data is updated by the user.
9. Cookie Policy
We use cookies and similar technologies to enhance your experience on sarahmaloy.com. These include:
– Essential Cookies: Required for the operation and security of the Website.
– Functional Cookies: Enable personalization features and remember your choices.
– Analytics Cookies: Collect anonymized data about user behavior and site performance.
– Performance Cookies: Help us improve the speed and responsiveness of the Website.
Cookies are placed either by us or by third-party service providers, such as analytics platforms.
10. Cookie Management and Compliance
You can manage your cookie preferences directly through your browser settings or by using the cookie consent banner on sarahmaloy.com. Under GDPR and CCPA, non-essential cookies will only be placed with your explicit consent.
You also have the right to opt-out of certain types of cookies and tracking technologies. California residents may exercise Do Not Sell My Personal Information rights as applicable.
11. Children’s Privacy
Our Website is not directed to children under the age of 13, and we do not knowingly collect personal data from children. If you believe your child has provided us with personal data, please contact us at [email protected] so that we may delete the data promptly.
12. Policy Updates and Notifications
We reserve the right to modify or update this Privacy Policy at our discretion. We will provide notice of significant changes by updating the policy on sarahmaloy.com and, where required, by notifying you through email or Website notification.
We encourage you to review this Privacy Policy periodically to stay informed about our data practices.
13. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact:
Email: [email protected]
We are dedicated to upholding your rights and maintaining your trust. Any inquiries regarding privacy practices will be reviewed and addressed in accordance with applicable data protection laws.
SarahMaloy.com operates in accordance with the GDPR, CCPA, and other applicable privacy regulations. Please reach out to us at [email protected] with any questions or concerns regarding your privacy or data rights.