Privacy Policy for GentleMamaWorld.com
1. Introduction
Gentle Mama World (“we”, “us”, “our”) is firmly committed to protecting the privacy and personal data of our website visitors, customers, and users. This Privacy Policy outlines how we collect, use, disclose, and protect your personal information through your interaction with gentlemamaworld.com (the “Website”). Upholding the highest standards of user privacy, we strive to maintain transparency in our data practices in accordance with applicable privacy laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
2. Scope of This Policy and Our Role as Data Controller
This Privacy Policy applies to personal data collected through gentlemamaworld.com and related services. For the purposes of data protection laws, Gentle Mama World acts as the “data controller” in relation to the personal data processed through the Website and determines the purposes and means of the processing.
If you are a resident of the European Economic Area (EEA) or California, specific sections in this Policy highlight your additional rights and our legal obligations under the GDPR and CCPA, respectively.
3. Categories of Data We Process
We may collect and process various categories of personal information, as detailed below:
(a) Usage Data – includes information about how you use our Website, such as IP address, browser type, geographical location, access times, referring URLs, session duration, and user interaction data.
(b) Account Data – includes identifying information you provide when creating an account on our Website, such as name, billing/shipping address, email address, and phone number.
(c) Profile Data – includes details of products you have viewed, purchased, or added to wishlists, preferences, and behavioral analytics related to your interaction with our services.
(d) Communication Data – includes records of your communication with us, including submitted forms, emails, messages, customer support tickets, and feedback.
(e) Technical Data – includes device-specific data such as your operating system, device type/model, IP address, browser settings, language preferences, and diagnostic logs.
(f) Transaction Data – includes data related to your purchases such as order history, payment method (limited to information processed via secure third-party processors), delivery tracking, and invoice details.
(g) Preference Data – includes your marketing preferences, opt-in/opt-out choices, and expressed interests in particular categories of products or services.
4. Legal Bases for Processing
We process your personal information based on the following lawful bases under the GDPR:
– Consent: Where you have provided explicit consent to the processing (e.g., subscription to newsletters or acceptance of cookies).
– Contractual Necessity: Where the processing is necessary for the performance of a contract with you, such as fulfilling product orders or managing account services.
– Legitimate Interests: Where the processing is necessary for our legitimate interests (e.g., fraud prevention, service improvement, marketing analytics), provided your interests and fundamental rights do not override those interests.
– Legal Obligation: Where we are required to process data in order to comply with applicable laws or legal obligations.
Under the CCPA, we do not sell personal information to third parties. You have the right to opt-out of any activity that may be construed as “sale” or “sharing” under the Act.
5. Your Rights
Depending on your jurisdiction, you are entitled to the following rights concerning your personal data:
– Right of Access: Obtain confirmation and a copy of your processed personal data.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your data, subject to legal and contractual constraints.
– Right to Restriction: Request temporary restriction on the use of your data.
– Right to Data Portability: Receive your personal data in a structured, commonly used, and machine-readable format and transfer that data to another controller.
– Right to Object: Object to processing based on legitimate interests or direct marketing.
– Right to Withdraw Consent: Withdraw your consent at any time, without affecting the lawfulness of prior processing.
California residents may also:
– Request disclosure of the personal data collected and categories of third parties with whom we share data.
– Request to delete specific categories of data.
– Not be discriminated against for exercising privacy rights.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement a range of technical and organizational measures to protect your personal data, including:
– Encryption of sensitive data both in transit and at rest.
– Secure access controls to limit internal and external data access.
– Regular data backups with secure, resilient storage.
– Employee privacy training and access limitation based on job relevance.
– Regular system monitoring and vulnerability assessments.
Despite best efforts, no method of transmission over the internet is completely secure. You are encouraged to use secure devices and networks while communicating with us.
7. International Data Transfers
Your information may be transferred to, and maintained on, servers located outside of your country of residence. Where personal data is transferred outside the EEA or the UK, we ensure appropriate safeguards are in place, including the use of Standard Contractual Clauses approved by the European Commission or other valid transfer mechanisms.
For users under CCPA, we ensure any international data transfer aligns with applicable privacy requirements and confirm that third parties uphold equivalent data protection standards.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:
– Usage and Technical Data: Retained up to 12 months for analytics and security monitoring.
– Account Data: Retained until the account is closed or deletion is requested.
– Profile and Preference Data: Retained until withdrawn or updated.
– Transaction Data: Retained for a minimum of 7 years for financial compliance with tax and audit regulations.
– Communication Data: Retained for up to 3 years following your last interaction unless required longer for legal obligations.
9. Cookie Policy
Cookies are small text files placed on your device to facilitate website functionality, personalization, and performance monitoring. We use the following categories on gentlemamaworld.com:
– Essential Cookies: Required for core site functions such as account login and order processing.
– Functional Cookies: Help remember preferences and settings to improve user experience.
– Performance Cookies: Collect anonymous usage data for statistics and performance tracking.
– Analytics Cookies: Provided by third-parties (e.g., Google Analytics) to better understand site usage and user interaction.
Cookies will not be used to collect personal data without your explicit consent where required.
10. Cookie Management and GDPR/CCPA Compliance
Upon first visit, users are presented with a cookie consent banner allowing acceptance, rejection, or fine-tuned control over cookie categories. You may manage cookie preferences at any time by accessing the cookie settings tool or through your browser options. CCPA and GDPR rights, including opt-out of non-essential cookies, are fully respected and built into our compliance framework.
11. Children’s Privacy
Gentle Mama World does not knowingly collect personal information from children under the age of 13. If we become aware that any such data has been inadvertently collected, we will promptly delete it. Parents or guardians who believe we may have collected data from a minor are encouraged to contact us at [email protected].
12. Updates to This Policy
We may update this Privacy Policy from time to time to reflect legal, operational, or technological changes. Material modifications will be communicated via updates on gentlemamaworld.com. Continued use of our services indicates acceptance of the revised policy.
13. Contact Information
If you have any questions about this Privacy Policy or wish to exercise your rights under applicable data protection legislation, you may reach us at:
Email: [email protected]
Gentle Mama World is committed to full compliance with international data protection regulations. We encourage users to reach out with any concerns, and we will respond in a timely and respectful manner.
