Privacy Policy for TeaStainedLil.com
1. Introduction
TeaStainedLil.com (“we,” “us,” “our”) is committed to protecting your privacy and ensuring that your personal data is handled in a secure and responsible manner. We are dedicated to upholding the highest standards of privacy and data protection in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable privacy laws.
This Privacy Policy explains the manner in which we collect, use, disclose, and safeguard your personal data when you visit or interact with our website, teastainedlil.com.
2. Scope and Data Controller
This Privacy Policy applies to all users of teastainedlil.com and any services offered through our platform. For the purposes of the GDPR, the data controller responsible for your personal data is TeaStainedLil.com. If you have any questions regarding our data practices, you may contact us at [email protected].
3. Categories of Data We Process
We may collect and process the following categories of personal data:
A. Usage Data:
We collect information about how you use our website. This includes your IP address, browser type and version, time zone setting, browsing history, duration of visits to pages, page interaction information, and referral sources.
B. Account Data:
When you create an account or place an order, we may collect your full name, billing and shipping address, email address, and phone number.
C. Profile Data:
We process information such as purchase history, saved preferences, user behavior, and interests to help improve user experience and personalize content.
D. Communication Data:
This includes correspondence with us, such as inquiries through contact forms, support tickets, emails, and chat records.
E. Technical Data:
We collect information about the device you use to access teastainedlil.com, including operating system, device model, unique device identifiers, screen resolution, and browser configuration.
F. Transaction Data:
To process payments and fulfill orders, we collect payment method details, order history, shipping address, and transaction confirmations.
G. Preference Data:
This includes your communication preferences (e.g., opt-ins to marketing emails, SMS consents) and product interest indicators you provide during your interaction with our services.
4. Legal Bases for Processing Personal Data
We process personal data based on one or more of the following legal frameworks:
Consent: Where you have given us clear permission to process your data for a specific purpose, such as subscribing to a newsletter.
Contractual Necessity: Where data processing is required to fulfill a contract with you, such as delivering a purchased product.
Legal Obligation: Where processing is necessary to comply with a statutory or regulatory requirement.
Legitimate Interest: Where processing is necessary for our legitimate business interests, provided such interests are not overridden by your fundamental rights and freedoms.
5. Your Rights Under GDPR and CCPA
As a data subject, you have the following rights:
Right of Access: Request details on the personal data we hold about you.
Right to Rectification: Request corrections to any inaccurate or incomplete data.
Right to Erasure (“Right to be Forgotten”): Request deletion of your personal data, subject to certain legal exemptions.
Right to Restriction: Request limited processing of your data under specified circumstances.
Right to Data Portability: Receive your personal data in a structured, commonly used, machine-readable format, and transmit it to another controller.
Right to Object: Object to processing activities based on legitimate interest or direct marketing.
Right to Non-Discrimination (CCPA): You will not be discriminated against for exercising your privacy rights.
You may exercise these rights at any time by contacting [email protected].
6. Security Measures
We implement appropriate technical and organizational security measures designed to safeguard your personal data. These include encryption protocols, access controls, secure server environments, firewalls, real-time monitoring, regular backups, and staff privacy training. These measures are evaluated regularly to ensure a high standard of data protection.
7. International Data Transfers
Where we transfer your personal data outside your country of residence, we do so in accordance with applicable data protection laws. This includes using Standard Contractual Clauses approved by the European Commission and implementing appropriate safeguards to protect your privacy and data rights, especially when transferring to regions without an adequacy decision.
8. Data Retention
We retain personal data only for as long as is necessary to fulfill the purposes outlined in this Privacy Policy or as legally required. The retention periods for different categories of data are as follows:
– Usage and Technical Data: up to 36 months
– Account Data: retained for the life of your account and for 6 years thereafter for legal and accounting purposes
– Profile and Preference Data: until you delete your profile or withdraw consent
– Communication Data: retained for 2 years
– Transaction Data: retained for 7 years in accordance with tax and accounting legislation
9. Cookie Policy
We use cookies and similar tracking technologies to enhance your experience on teastainedlil.com. These fall into the following categories:
– Essential Cookies: Required for the operation of the website (e.g., shopping cart, account access)
– Functional Cookies: Used to remember your preferences and account settings
– Analytics Cookies: Used to aggregate statistical data on website usage
– Performance Cookies: Help monitor performance and usability of our website
10. Cookie Management and Compliance
You have the ability to control or disable cookies through your browser settings or via the cookie consent mechanism displayed upon your first visit to teastainedlil.com. Under GDPR and CCPA, we do not place non-essential cookies without your prior consent. You can withdraw your consent at any time by adjusting your cookie preferences in your account settings or visiting our cookie preference center.
11. Children’s Privacy
We do not knowingly collect or process data relating to children under the age of 13. If we become aware that we have collected such data without verified parental consent, we will take immediate steps to delete the information. Parents or guardians who believe we have collected data from a child without appropriate consent may contact us at [email protected].
12. Policy Updates
We reserve the right to amend or update this Privacy Policy to reflect changes in our practices, legal requirements, or operational needs. Any material changes will be communicated through our website or via direct communication where appropriate. You are encouraged to review this policy periodically to stay informed about how we handle your personal data.
13. Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy or how your personal data is handled, please contact:
Email: [email protected]
We are committed to ensuring full compliance with all applicable data protection legislation and to safeguarding the rights of our users. Please contact us with any privacy-related concerns or to exercise your rights as described above.