PRIVACY POLICY
Grace Mama World (“we,” “our,” or “us”) values your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard personal data through our website, gracemamaworld.com, in compliance with all applicable privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We encourage you to read this document carefully to understand our practices regarding your personal data and your associated rights.
1. Commitment to Privacy and Data Protection
Your trust is paramount to us. We uphold the principles of transparency, accountability, and responsible processing in all our data collection and handling activities. We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, misuse, or alteration. This Policy reflects our commitment to respecting your fundamental right to privacy and data protection.
2. Scope and Data Controller Responsibility
This Privacy Policy applies to all personal data processed through gracemamaworld.com and any associated services or communications. For the purposes of the GDPR and CCPA, Grace Mama World is the “data controller,” determining the purposes and means of processing your personal information.
If you have any questions, you may contact us at:
Email: [email protected]
3. Categories of Personal Data We Process
Depending on your interaction with our website and services, we may process the following categories of personal data:
a) Usage Data
Includes information about how you interact with our site (e.g., IP address, browser type, referral URLs, pages visited, date/time stamps, and session duration). This data helps improve our site functionality and user experience.
b) Account Data
Provided voluntarily when you create an account or place an order—includes full name, billing/shipping address, email address, and telephone number.
c) Profile Data
Comprises optional information such as product preferences, wishlists, previous purchases, and browsing behavior, used to tailor your user experience.
d) Communication Data
Includes correspondence through our contact forms, support requests, email communications, and customer service interactions.
e) Technical Data
Data generated by the device used to access our site, such as device model, operating system, browser type/version, and other system and platform configurations.
f) Transaction Data
Pertains to any purchases made on gracemamaworld.com, including transaction details, order history, delivery status, and payment method/token (note: we do not store full payment card details).
g) Preference Data
Includes marketing and communication preferences (e.g., subscription consent), product interests, response to promotions, and participation in surveys or contests.
4. Legal Bases for Processing
We collect and process your personal data under the following lawful bases:
– Consent: When you provide clear consent for us to process your data for specific purposes (e.g., marketing opt-ins).
– Contractual Obligation: When processing is necessary to fulfill a contract or perform pre-contractual measures (e.g., fulfilling your order).
– Legitimate Interests: When processing is necessary for our legitimate purposes, provided these do not override your fundamental rights and freedoms (e.g., website analytics, fraud prevention).
– Legal Requirement: Where processing is necessary to comply with legal obligations (e.g., keeping accounting records).
5. Your Rights Under GDPR and CCPA
Subject to applicable law and limitations, you have the following rights with respect to your personal data:
– Right of Access: You may request access to the personal data we hold about you.
– Right to Rectification: You may request correction of incomplete or inaccurate data.
– Right to Erasure: You may request deletion of your data where there is no lawful reason to continue processing.
– Right to Restrict Processing: You may request limited use of your data under certain circumstances.
– Right to Data Portability: You may receive a copy of your data in a structured, commonly used, and machine-readable format and transmit it to another controller.
– Right to Object: You may object to processing based on our legitimate interests or for direct marketing purposes.
– Right Not to Be Subject to Automated Decision-Making: Where applicable, you have the right not to be subject to decisions based solely on automated processing.
– Right to Opt-Out of Sale (CCPA): California residents have the right to opt out of any sale of their personal data, as defined under CCPA.
To exercise your rights, please email us at: [email protected].
6. Security Measures
We employ rigorous security measures to protect personal data, including:
– Encryption technologies (SSL/TLS) for data transmission
– Secure access controls and authentication systems
– Regular system audits and monitoring for vulnerabilities
– Encrypted backups and secure data hosting
– Staff training on data protection and confidentiality
Although we strive to use commercially acceptable means to protect your personal data, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.
7. International Data Transfers
Your data may be stored or processed in countries outside your country of residence, including nations not recognized by the European Commission as providing an adequate level of data protection. In such cases, we rely on Standard Contractual Clauses, binding corporate rules, or other approved safeguards to ensure appropriate protection.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal and accounting requirements. Specific timeframes include:
– Account Data: retained until account closure, plus statutory limitation period.
– Transaction Data: retained for seven (7) years for tax and audit purposes.
– Communication Data: retained for up to two (2) years unless legally required to retain longer.
– Marketing Data: retained for as long as you remain subscribed or until consent is withdrawn.
– Usage and Technical Data: anonymized or deleted within 24 months.
9. Cookie Policy
We use cookies and similar technologies on gracemamaworld.com for a variety of purposes:
– Essential Cookies: Necessary for the operation of the website (e.g., session management and shopping cart functionality).
– Functional Cookies: Remember user choices, such as language or region preferences.
– Analytics Cookies: Collect aggregated data to analyze site usage and improve performance.
– Performance Cookies: Support speed improvements and load-balancing across the infrastructure.
For a detailed breakdown of the types of cookies we use and their purposes, refer to our dedicated Cookie Notice available on the website.
10. Cookie Management and Compliance
In accordance with GDPR and CCPA, you have the right to manage cookie preferences:
– Users within the EU are presented with a consent banner upon first visit, enabling opt-in/opt-out mechanisms for non-essential cookies.
– California residents can opt out of the sale of personal data via our “Do Not Sell My Personal Information” link.
– You may also adjust cookie settings using your browser controls.
You may withdraw your cookie consent at any time on gracemamaworld.com.
11. Protection for Children Under 13
Our website and services are not directed to children under the age of 13, and we do not knowingly collect personal data from such children. If we become aware that we have collected personal information from a child without parental consent, we will promptly delete such data. Parents or guardians who believe their child has submitted information may contact us at: [email protected].
12. Policy Updates and User Notification
We may revise this Privacy Policy as necessary to reflect changes in our practices, operations, or applicable laws. We will notify users of substantive changes by posting an updated version on gracemamaworld.com and, where appropriate, providing direct notice (e.g., via email). Continued use of our website following the posting of changes constitutes your acceptance of the revised policy.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or how your data is handled, you may contact us at:
Grace Mama World
Email: [email protected]
Website: gracemamaworld.com
We are committed to complying with all applicable data protection laws, including GDPR and CCPA. If you have privacy concerns, do not hesitate to contact us – your privacy matters.