Privacy Policy
1. Introduction
At Chrissie by Tail (“we,” “us,” or “our”), accessible via chrissiebytail.com, we are fully committed to safeguarding the privacy and personal data of our users, customers, and website visitors (“you,” “your”). This Privacy Policy outlines how we collect, use, store, and protect your information in full compliance with applicable privacy laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”). Your trust is essential to us, and we are dedicated to maintaining the confidentiality and integrity of your personal data through careful data stewardship and privacy-by-design methodologies.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all processing of personal data by us through our website, chrissiebytail.com, and related interactions, including purchases, customer service, email communications, and account management. For the purposes of GDPR, Chrissie by Tail is the data controller responsible for determinations regarding the purposes and means of the processing of your personal information. If you are a California resident, the provisions listed herein also outline our role as a “business” under the CCPA.
3. Categories of Data Processed
We may collect, use, store, or otherwise process the following categories of personal data:
A. Usage Data
Data related to your interaction with our website, including IP addresses, browser type and version, time zone settings, page interaction details, location data, and session duration.
B. Account Data
Personal details necessary for account creation and maintenance, such as full name, email address, phone number, billing address, and shipping address.
C. Profile Data
Information associated with your website profile, including saved preferences, purchase history, on-site behavior, and wish list or cart data.
D. Communication Data
Records of inquiries, customer service interactions, feedback submissions, and communications you initiate via our contact form or email at [email protected].
E. Technical Data
Details about the devices and systems used to access our website, including operating systems, unique device identifiers, hardware model, and system diagnostics.
F. Transaction Data
Details relating to purchases, including ordered products, payment confirmations, order fulfillment status, and shipping details.
G. Preference Data
Data concerning your communication preferences, consent to marketing communications, and product category interests.
4. Legal Bases for Processing
We rely on multiple lawful grounds for processing your personal data, depending on the specific context of collection and use:
– Contractual Necessity: To provide you with products or services you request or order.
– Consent: For marketing communications, use of cookies where legally required, and non-essential data processing.
– Legitimate Interests: For internal analytics, fraud detection, network security, and service improvement, provided that such interests are not overridden by your rights and freedoms.
– Legal Obligations: Processing required for compliance with applicable laws and regulatory authorities.
5. Your Rights
Under GDPR and CCPA, you have several rights regarding your personal data:
– Right of Access: You may request details of your personal data we hold.
– Right to Rectification: You can correct inaccurate or incomplete data.
– Right to Erasure: You may request deletion of your personal data, subject to legal obligations.
– Right to Restriction: You may request us to suspend processing under certain circumstances.
– Right to Portability: You can obtain and reuse your data across services in a structured, machine-readable format.
– Right to Object: You may object to our processing of your personal data where we rely on legitimate interests or where data is used for direct marketing.
– Right to Non-Discrimination: Under CCPA, you will not be discriminated against for exercising your privacy rights.
To exercise any of your rights, please contact us at [email protected]. We will respond in accordance with applicable legal requirements.
6. Security Measures
We implement a range of technical and organizational measures to secure your personal information from unauthorized access, loss, disclosure, or alteration. These include but are not limited to:
– SSL encryption across the website
– Multi-factor authentication on administration systems
– Regular data backups and secure storage
– Staff training on data protection standards
– Access control with role-based restrictions
7. International Transfers
Where personal data is transferred outside of the European Economic Area (EEA) or your local jurisdiction, we ensure appropriate safeguards are in place. These may include the use of European Commission-approved Standard Contractual Clauses (SCCs) or compliance with additional regional frameworks such as the UK GDPR or Swiss FDPIC equivalents. By using our services, you acknowledge and consent to such international transfers where required.
8. Data Retention
We retain your personal data only for as long as necessary for the purposes for which it was collected, including satisfying legal, regulatory, accounting, or reporting obligations. The standard retention periods are:
– Usage Data: 12 months
– Account and Profile Data: Duration of your account and 7 years post-closure
– Communication Data: 3 years from last contact
– Technical Data: 12 months
– Transaction Data: 7 years for tax and financial compliance
– Preference Data: Until revoked or unsubscribed
Data no longer required is deleted or anonymized in a secure and irreversible manner.
9. Cookie Policy
Our website uses cookies and similar technologies to enhance user experiences. These cookies are categorized as:
– Essential Cookies: Required for the operation of chrissiebytail.com (e.g., cart functionality, user login).
– Functional Cookies: Record user preferences to personalize the experience.
– Performance Cookies: Collect aggregated data on site performance for optimization.
– Analytics Cookies: Help us analyze website usage through tools such as Google Analytics.
None of these cookies are used to identify you personally without your consent.
10. Cookie Management and Compliance
Upon your first visit to chrissiebytail.com, and periodically thereafter, you will be prompted to manage cookie preferences. You may accept or reject non-essential cookies through our Cookie Consent Tool or configure browser settings to manage cookies manually. These settings ensure compliance with GDPR and CCPA by enabling user control over personal information. If you change your mind later, your preferences can be updated on our site.
11. Children’s Data
Chrissie by Tail does not knowingly collect or solicit personal data from individuals under the age of 13. If we discover that we have inadvertently gathered data from a child without verified parental consent, we will delete such information promptly. If you believe we have collected data from a child, please notify us immediately at [email protected].
12. Policy Updates and User Notifications
This Privacy Policy may be updated from time to time in order to reflect changes in our practices, regulatory updates, or operational needs. Any significant changes will be communicated through notices on our website or by direct communication where appropriate. It is your responsibility to periodically review this Privacy Policy to stay informed.
13. Contact
If you have any questions, concerns, or would like to exercise your privacy rights under applicable law, please contact us at:
Email: [email protected]
Website: https://www.chrissiebytail.com
—
Chrissie by Tail is committed to ensuring your privacy rights are honored in accordance with GDPR, CCPA, and other applicable data protection laws. Should you have any privacy concerns, we encourage you to reach out to us for clarification or assistance.