Privacy Policy for Sweet Mama Journey
Sweet Mama Journey (“we”, “us”, “our”) is committed to safeguarding your privacy and ensuring that your personal data is protected. This Privacy Policy describes how we collect, use, disclose, and protect your personal data when you visit or interact with our website, sweetmamajourney.com (the “Site”), or when you otherwise engage with our services. We are fully aligned with applicable privacy laws, including the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA), and strive to provide transparency and security for all data subjects.
1. Commitment to Privacy and Data Protection
We acknowledge the fundamental right to privacy and are committed to upholding the highest standards of data protection. We process personal data lawfully, fairly, and transparently, in accordance with applicable privacy laws. This Policy outlines your rights and our responsibilities, ensuring that your personal data is handled with care, respect, and integrity.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of sweetmamajourney.com, and to all personal data collected through our Site, services, communications, and transactions. Sweet Mama Journey acts as the Data Controller of the personal data you provide or that we collect through your interaction with the Site. If you have questions or concerns about this Policy or our processing of your data, you may contact us at [email protected].
3. Categories of Personal Data We Process
We process the following categories of personal data:
a. Usage Data
Information about how you interact with our Site, including browser type, Internet Protocol (IP) address, pages visited, time spent on pages, clicking behavior, and other diagnostic data collected through cookies and similar technologies.
b. Account Data
When you create an account or complete a form, we may collect your full name, mailing and billing address, email address, and contact telephone number.
c. Profile Data
Data generated from your interactions with our services, such as your preferences, interests, purchase history, feedback, and engagement behavior.
d. Communication Data
Includes information you submit through contact forms or customer support channels, such as the content of messages, support requests, and written correspondence.
e. Technical Data
Device-specific information, including operating system, device model and identifiers, browser plugins, network provider, screen resolution, and other system configuration details.
f. Transaction Data
Details relating to the purchase of goods or services on our Site, including order details, payment confirmation information, delivery status and method, currencies used, and amounts paid.
g. Preference Data
Marketing and communication preferences, such as your opt-in/opt-out statuses, interests in specific products or services, subscription choices, and consents provided.
4. Legal Bases for Processing
We process your personal data only when a valid legal basis applies, which includes:
– Contractual Necessity: Data required to provide products or services you request or to perform obligations under a contract with you.
– Legitimate Interests: Processing necessary for our legitimate business interests, balanced against your rights and freedoms. Examples may include site analytics, prevention of fraud, and customer service enhancements.
– Consent: When you provide explicit permission for specific uses, including marketing or optional cookies.
– Legal Obligation: When processing is necessary to comply with legal and regulatory requirements.
5. Your Rights
Under GDPR and CCPA (where applicable), you may exercise the following rights:
– Right of Access: You may request confirmation whether we process your personal data and request a copy of such data.
– Right to Rectification: You may ask us to update or correct inaccurate or incomplete data.
– Right to Erasure: In certain circumstances, you have the right to request deletion of personal data we hold about you.
– Right to Restriction: You may request that we limit or suspend the processing of your data in specified conditions.
– Right to Data Portability: Where applicable, you may request a copy of your personal data in a structured, machine-readable format.
– Right to Object: You may object to processing carried out on the basis of legitimate interest or for direct marketing purposes.
– Right to Withdraw Consent: If we rely on your consent, you may withdraw it at any time without affecting the lawfulness of processing prior to withdrawal.
– Additional CCPA Rights: California residents may request disclosure of categories of personal data, the sources of such data, purposes of collection, third parties shared with, and specific data collected. California users may also opt-out of the sale of personal information.
6. Security Measures
We take the security of your data seriously and implement appropriate organizational and technical measures, including but not limited to:
– Industry-standard encryption protocols
– Access management and role-based restrictions
– Regular security audits and system penetration tests
– Secure data storage and regular backups
– Ongoing employee training in data protection
While we implement these safeguards, no method of electronic transmission or storage is entirely secure. We encourage you to use caution when sharing any data online.
7. International Data Transfers
In some instances, personal data may be transferred to, and processed in, countries outside the European Economic Area (EEA), including the United States. Where such transfers occur, we ensure appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission or other lawful mechanisms provided under GDPR, are in place to protect your data.
8. Data Retention
We retain personal data only for as long as is necessary to fulfill the purposes outlined in this Policy:
– Account Data and Profile Data: Retained during the term of your account and a maximum of five years after account closure unless earlier deletion is requested.
– Communication Data: Retained for up to two years for service quality and legal purposes.
– Transaction Data: Retained for seven years for tax, audit, and compliance requirements.
– Technical and Usage Data: Retained for up to 24 months in aggregated or anonymized form.
– Preference Data: Retained until consent is withdrawn or marketing preferences are updated.
9. Cookie Policy
We use cookies and similar technologies on sweetmamajourney.com to enhance your browsing experience. These include:
– Essential Cookies: Necessary for the basic functionality of the Site.
– Functional Cookies: Improve usability and remember user preferences.
– Performance Cookies: Gather data for analytics to improve the functionality and experience of the Site.
– Analytical Cookies: Track website usage to inform site optimization.
Cookies do not typically contain personal information, but certain identifiers may be linked to data we already hold about you.
10. Cookie Management and Compliance
Sweetmamajourney.com uses a transparent and consent-based approach to cookie usage. Upon first visit, you are prompted to accept or decline non-essential cookies. You may also modify your consent preferences using the cookie settings on our Site or by adjusting your browser settings. California residents may exercise their CCPA opt-out rights via our designated cookie management tools.
11. Children
Our Site and services are not directed to individuals under the age of 13. We do not knowingly collect or process personal data from children under 13 years of age. If we learn that a child has submitted personal data to sweetmamajourney.com without verified parental consent, we will take reasonable steps to delete that information promptly upon notice.
12. Changes to this Policy
We reserve the right to revise this Privacy Policy at any time as needed to reflect changes in our practices, technologies, legal obligations, or for other operational reasons. Where material changes are made, we will notify users via the Site or through other direct means of communication to the extent legally required.
13. Contact Us
For any privacy-related inquiries, to exercise your rights, submit a complaint, or request clarification on our practices, please contact us at:
Email: [email protected]
Your trust is important to us. We comply with the GDPR, CCPA, and other relevant privacy regulations, and we welcome your engagement to ensure that your personal data is treated in accordance with your expectations and the law.