Privacy Policy
The website located at thecreepingivies.com (“Website”, “we”, “our”, or “us”) is committed to protecting your personal data and respecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and protect personal information, in accordance with relevant data protection regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
We value your trust and take our obligations regarding your personal data seriously. Please read this policy carefully to understand your rights and our practices surrounding your information.
1. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data collected by or on behalf of the Website through your use of our services, including visiting, browsing, creating an account, or making purchases. For the purpose of applicable data protection legislation, The Creeping Ivies is the data controller responsible for your personal information.
If you have any questions or concerns about the handling of your personal data, please contact us at [email protected].
2. Categories of Data Processed
We may collect and process the following categories of personal data, either directly from you or automatically through your use of thecreepingivies.com:
a) Usage Data:
Includes information about your interactions with the Website, such as pages viewed, clickstream data, access times, browser type and version, operating system, and IP addresses.
b) Account Data:
Refers to information you provide when creating an account or placing an order, such as your full name, billing and shipping address, email address, and telephone number.
c) Profile Data:
Includes user preferences, product interests, browsing behavior, and items added to your cart or wishlist.
d) Communication Data:
Includes any personal data contained in correspondence between you and us, including support requests, inquiries via email, or live chat history.
e) Technical Data:
Includes device type, hardware model, unique device identifiers, mobile network information, and system configuration data.
f) Transaction Data:
Includes payment card details (processed through secure payment processors), order history, invoicing details, and delivery addresses.
g) Preference Data:
Includes your selections relating to marketing communications, notification preferences, and subscription status.
3. Legal Bases for Processing Personal Data
We use your data only when permitted under applicable law. Our lawful bases for processing personal data include:
– Consent: When you have given explicit permission for us to process your data (e.g., for marketing emails).
– Contractual Necessity: Processing necessary for the performance of a contract to which you are a party (e.g., completing a purchase).
– Legal Obligation: Where we are required to comply with legal obligations.
– Legitimate Interests: Processing for our legitimate business interests, provided those interests are not overridden by your fundamental rights and freedoms (e.g., fraud prevention, service improvements).
4. Your Data Protection Rights
Subject to local laws and applicable exceptions, you may exercise the following rights regarding your personal data:
– Right of Access: Request confirmation about whether we process your data and receive access to a copy.
– Right to Rectification: Request correction of inaccurate or incomplete information.
– Right to Erasure: Request the deletion of personal data, subject to necessary data retention requirements.
– Right to Restrict Processing: Request limitation of data processing in certain circumstances.
– Right to Data Portability: Receive your data in a structured, commonly used, and machine-readable format to transmit to another controller.
To initiate a request, please contact us at [email protected].
5. Security Measures
We employ industry-standard measures to safeguard your personal data from unauthorized access, alteration, disclosure, or destruction. These measures include:
– Encryption of data in transit and at rest;
– Multi-factor authentication for internal systems;
– Limited access to personal data on a need-to-know basis;
– Regular backups and secure storage practices;
– Employee training on data privacy and security standards.
6. International Transfers
Your data may be transferred, stored, or processed outside of your country of residence. In such cases, we ensure appropriate safeguards are in place, such as:
– Standard Contractual Clauses approved by the European Commission;
– Country-specific adequacy determinations by the European Commission or other data protection authorities.
We are committed to ensuring that international data transfers comply with all applicable privacy laws.
7. Data Retention
We retain personal data only for as long as necessary for the purposes outlined in this Policy or as required by law. Specific retention periods include:
– Account Data: Maintained for the duration of the account and up to 6 years following account closure;
– Transaction Data: Retained for at least 7 years for tax and legal compliance;
– Communication Data: Retained for a period of up to 3 years after final correspondence;
– Cookie and Technical Data: Retained in accordance with cookie expiration timelines, generally ranging from session-only up to 2 years.
8. Cookie Policy
We use cookies and similar technologies to enhance your experience on thecreepingivies.com. The following types of cookies may be employed:
– Essential Cookies: Necessary for website functionality, such as remembering login sessions and shopping cart contents.
– Functional Cookies: Enable enhanced features such as remembering your preferences and saved settings.
– Analytics Cookies: Help us understand how visitors use our Website, including traffic sources and visitor behavior.
– Performance Cookies: Measure system performance and load times to enhance the user experience.
For a detailed list of cookies and their individual purposes, please consult our Cookie Management Platform available on the Website.
9. Cookie Management and Compliance
In compliance with the GDPR and CCPA, users may manage their cookie preferences upon their first visit or through the Cookie Settings link available on thecreepingivies.com. You may also control cookies by modifying browser settings to refuse or delete them.
Under the CCPA, California residents are entitled to:
– Know what personal data is being collected and how it’s used;
– Delete personal data (subject to legal exceptions);
– Opt-out of the sale or sharing of personal information;
– Non-discrimination for exercising their data rights.
We do not sell personal data, as defined under the CCPA.
10. Children’s Privacy
We do not knowingly collect personal data from children under the age of 13. If we become aware that we have received such information in violation of this policy, we will take reasonable steps to delete it. If you are a parent or guardian and believe we may have received personal data about your child, please contact us immediately at [email protected].
11. Changes to This Policy
We reserve the right to revise this Privacy Policy at any time. Any modifications will be effective upon posting on thecreepingivies.com. If material changes are made, we will provide prominent notice through the Website or contact you using the information you have provided.
We encourage users to regularly review this Privacy Policy to remain informed of any updates.
12. Contact Us
If you have any questions about this Privacy Policy, your personal data, or wish to exercise your privacy rights, please contact us at:
Email: [email protected]
We are committed to addressing all privacy-related inquiries promptly and transparently.
We affirm our compliance with applicable data protection laws and aim to provide you with confidence in how we collect, manage, and protect your personal information. Please reach out if you have any concerns, and thank you for trusting thecreepingivies.com with your data.