Privacy Policy for Grace Mama World
Grace Mama World (“we,” “us,” or “our”) operates the website located at gracemamaworld.com (the “Site”). We are firmly committed to protecting your privacy and processing your personal information transparently, responsibly, and in compliance with applicable privacy laws, including the European Union’s General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”). This Privacy Policy outlines how we collect, use, disclose, and protect your information and describes your rights regarding your personal data.
1. Commitment to Privacy and Data Protection
At Grace Mama World, your privacy is a top priority. We are dedicated to safeguarding the personal information entrusted to us and adhere to the highest standards of data protection and transparency. All data processing is designed to respect the confidentiality, integrity, and availability of your personal data.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all users of gracemamaworld.com and related services. Grace Mama World is the “data controller” for personal data processed via the Site, meaning we determine the purposes and means of processing. This policy applies to all interactions with our website, whether you are browsing, making a purchase, or contacting customer support.
3. Categories of Personal Data We Collect and Process
We may collect and process the following categories of personal data, either directly from you or through automated means:
a. Usage Data
Includes browser type, operating system, pages visited, time and date of access, IP address, and geolocation associated with each session.
b. Account Data
Includes name, email address, billing address, shipping address, and phone number provided when you create an account or place an order.
c. Profile Data
Includes preferences, shopping cart contents, product interest, behavior on our Site, and review submissions.
d. Communication Data
Includes messages you send us, inquiries, customer support requests, and any related correspondence history.
e. Technical Data
Includes device type, operating system, mobile identifiers, and configuration details collected via analytic tracking systems or your device.
f. Transaction Data
Includes information related to purchases, such as order history, payment method (processed by third-party services), and delivery confirmations.
g. Preference Data
Includes your marketing and communication preferences, product category interests, and consent to receive promotional material.
4. Legal Bases for Processing Personal Data
We process your personal data only when permitted by applicable law and only under one or more of the following legal bases:
– Contract: When processing is necessary to perform our contract with you (e.g., fulfilling an order).
– Consent: Where you have given clear, explicit consent for processing for a specific purpose (e.g., subscribing to newsletters).
– Legal Obligation: When processing is necessary to comply with a legal obligation.
– Legitimate Interests: When processing is needed for our legitimate interests in delivering and improving the Site, provided such interests are not overridden by your fundamental rights and freedoms.
5. Your Rights under GDPR and CCPA
Depending on your jurisdiction, you may have the following rights with respect to your personal data:
– Right of Access: Request a copy of the personal data we hold about you.
– Right to Rectification: Correct inaccurate or incomplete data.
– Right to Erasure: Request deletion of your personal data (subject to certain exceptions).
– Right to Restrict Processing: Request to limit how we use your data in certain circumstances.
– Right to Data Portability: Request a machine-readable copy of your data and transfer to another controller.
– Right to Object: Object to specific uses of your data, including direct marketing.
– Right Not to Be Subject to Automated Decision-Making: We do not use automated decision-making that produces legal effects on users.
– California-Specific Rights: Under the CCPA, California residents may request disclosure of data collected about them, request deletion of their data, prevent its sale, and be free from discrimination for exercising these rights.
You can exercise any of these rights by contacting us at [email protected].
6. Security Measures
We implement industry-standard data protection practices designed to safeguard your personal data, including:
– Secure Socket Layer (SSL) encryption for data-in-transit
– Restricted access control to sensitive data
– Secure database storage with access limitations
– Routine backups and disaster recovery procedures
– Staff training on secure handling of personal data
Despite our best efforts, no transmission or storage system can be guaranteed 100% secure. If you suspect a security issue, please contact us promptly.
7. International Transfers
Grace Mama World may transfer personal data outside the jurisdiction of your residence, including to countries that may not offer the same level of data protection. When we do so, we rely on:
– Standard Contractual Clauses approved by the European Commission (for GDPR)
– Binding corporate rules or certification schemes
– Appropriate supplementary safeguards as required by law
By interacting with gracemamaworld.com, you consent to the transfer and storage of your personal data as described.
8. Data Retention
We retain personal data for only as long as necessary to fulfill the purposes we collected it for, including satisfying legal, accounting, or reporting requirements:
– Usage Data: Retained up to 12 months for analytics
– Account Data: Retained while your account remains active and up to 7 years post-closure or last transaction
– Communication Data: Retained for 3 years from last correspondence
– Technical Data: Retained up to 24 months
– Transaction Data: Retained for 7 years for tax and compliance
– Preference Data: Retained until withdrawn or updated
Data may be retained longer if required by applicable law or legal obligation.
9. Cookie Policy
Our website uses cookies and similar tracking technologies to enhance user experience and collect information about your browsing habits. We use:
– Essential Cookies: Necessary for site functionality (e.g., security, authentication, sessions)
– Functional Cookies: Enable personalization features based on user behavior
– Analytics Cookies: Help us understand website traffic and usage patterns (e.g., Google Analytics)
– Performance Cookies: Improve website speed and responsiveness
10. Cookie Management and Compliance with GDPR & CCPA
On visiting gracemamaworld.com, you are presented with a cookie consent banner. You have the choice to:
– Accept all cookies
– Customize cookie settings
– Reject non-essential cookies
You may also manage preferences via browser settings or via in-site cookie management tools. Our implementation complies with GDPR principles of prior consent and with CCPA’s right to opt-out of data sale via cookie-based profiling.
11. Children’s Privacy
Grace Mama World does not knowingly collect or solicit personal data from individuals under the age of 13. If we discover that a child under 13 has provided us personal information, we will delete such information promptly. If you believe a child may have provided us with personal information, please contact us at [email protected].
12. Policy Updates
We reserve the right to change or amend this Privacy Policy at any time without prior notice. Changes are made to remain compliant with legal obligations and best practices. Notifications of significant updates will be provided via our Site or email where appropriate.
13. Contact Us
If you have any questions about this Privacy Policy, your data rights, or how we handle your personal data, please contact our privacy team at:
Email: [email protected]
Website: https://gracemamaworld.com
We strive to maintain full compliance with GDPR, CCPA, and other applicable privacy laws. Your privacy matters to us—please reach out with any questions or concerns.