Privacy Policy
1. Introduction
At kateandmimmim.com (“Website”, “we”, “our”, or “us”), we are fully committed to protecting the privacy and personal data of our users, visitors, and customers. This Privacy Policy outlines how we collect, use, store, share, and safeguard your personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act of 2018 (“CCPA”), as amended. We adhere to the principles of lawfulness, fairness, transparency, and accountability in all aspects of our data processing.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to personal data collected through or in connection with the use of kateandmimmim.com, including services, web forms, email correspondence, and marketing activities. For the purpose of data protection laws, kateandmimmim.com acts as the Data Controller, determining the means and purposes of processing personal data. If you reside in California or any EU member state, you have specific rights under relevant data protection regulations that we honor and support.
3. Categories of Personal Data We Process
We may process the following categories of personal data, depending on your interactions with our Website:
a) Usage Data: Includes information about how you use the Website such as browser type, IP address, referring/exit pages, pages visited, session duration, timestamps, and other analytical data collected through web server logs and tracking technologies.
b) Account Data: Includes personal and contact details you provide when you create an account or register on the Website, including your full name, mailing address, email address, and telephone number.
c) Profile Data: Incorporates data related to your preferences, user behavior, previous purchases, service usage history, and any personalization features on the Website.
d) Communication Data: Includes the information you provide when you contact us directly, including messages, support queries, complaints, records of correspondence, and responses submitted via contact forms or email exchanges.
e) Technical Data: Includes technical specifications of the devices used to access the Website, such as device model, operating system, browser version, screen resolution, system configurations, and time zone settings.
f) Transaction Data: Includes details about the products or services purchased, billing information, delivery information, payment confirmations, and order fulfillment statuses.
g) Preference Data: Includes marketing preferences, language selections, and information you voluntarily provide concerning product interests, subscription options, or wish lists.
4. Legal Bases for Processing
We only process your personal data where we have a lawful basis to do so. These bases include:
– Consent: When you grant us permission, such as opting in to receive newsletters or accepting cookies.
– Contractual necessity: When processing is necessary to perform a contract with you, such as delivering merchandise or providing account services.
– Legitimate interest: Where processing is necessary for our legitimate business purposes, provided your rights do not override those interests (e.g., improving the Website or preventing fraud).
– Legal obligation: Where we are required by legal or regulatory requirements to process data.
5. Your Data Protection Rights
Subject to applicable law, you may have the following rights regarding your personal data:
– Right of Access: You may request copies of your personal data that we hold and obtain confirmation as to whether your data is being processed.
– Right of Rectification: You may request rectification of inaccurate or incomplete data.
– Right to Erasure: Also known as the “right to be forgotten”; you may request deletion of your personal data, subject to any legal retention obligations.
– Right to Restriction: You may request that we restrict processing of your data where permitted by law.
– Right to Data Portability: You may request to receive your personal data in a structured, commonly used, and machine-readable format or have it transmitted to a third party.
– Right to Object: You may object to our processing based on legitimate interest, direct marketing, or automated decision-making.
You may exercise these rights by contacting us at [email protected]. We reserve the right to verify your identity prior to fulfilling such requests.
6. Security Measures
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk presented by the processing of personal data. These include:
– Data encryption at rest and in transit;
– Authentication and access control mechanisms;
– Regular data backups and disaster recovery plans;
– Staff training in privacy best practices;
– Secure hosting infrastructure with firewall protection.
Although we follow industry standards to protect your personal data, no method of transmission or storage is completely secure. Accordingly, we cannot guarantee absolute security.
7. International Transfers
Given the global nature of our operations, your personal data may be transferred outside your country of residence, including to countries not recognized as providing an equivalent level of data protection. In such cases, we will ensure appropriate safeguards are in place, including reliance on EU Standard Contractual Clauses, adequacy decisions, or other lawful transfer mechanisms.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including compliance with legal, regulatory, tax, and accounting obligations.
– Usage Data: Retained for up to 12 months for analytics and Website optimization.
– Account Data: Retained for the duration of the user’s active account and for up to 5 years after closure for compliance purposes.
– Profile and Preference Data: Retained as long as your account remains active or until consent is withdrawn.
– Communication Data: Retained for up to 3 years for record-keeping and service improvement.
– Technical Data: Retained for up to 1 year to ensure operational integrity and security.
– Transaction Data: Retained for a minimum of 7 years for tax, audit, and transactional compliance.
9. Cookie Policy
We use cookies and similar technologies on kateandmimmim.com to enhance user experience, provide functionality, measure Website usage, and tailor marketing content.
The types of cookies we use include:
– Essential Cookies: Required for core site operation and navigation.
– Functional Cookies: Enable enhanced features such as account preferences and language selection.
– Analytics Cookies: Collect data on user interaction and site performance to help us improve functionality.
– Performance Cookies: Monitor technical performance and uptime, including load times and error diagnostics.
No personally identifiable information is automatically collected through cookies unless you provide it voluntarily.
10. Cookie Management and Compliance
In accordance with GDPR and CCPA, users are provided with the ability to manage their cookie preferences via a consent management banner on the Website. You may also configure your browser settings to refuse or delete specific types of cookies.
For California residents, the CCPA grants a right to opt out of the sale of personal information. We do not sell your data for monetary value. Any data shared for analytics or advertising is done under service agreements prohibiting further sale.
11. Protections for Children Under 13
We do not knowingly collect personal data from children under the age of 13. If we become aware that we have inadvertently collected personal data from a child without appropriate parental consent, we will take steps to delete such information immediately. If you believe we may have collected data from a child, please contact us at [email protected].
12. Updates to this Privacy Policy
We may revise this Privacy Policy from time to time to reflect changes in legal, technical, or business developments. Any significant changes will be communicated to users through prominent Website notices or direct communication for account holders. Continued use of our services after changes have been made constitutes acceptance of the revised policy.
13. Contact Us
If you have any questions, concerns, or requests relating to this Privacy Policy or your personal data, you may contact us at:
Email: [email protected]
Website: https://www.kateandmimmim.com
We are dedicated to upholding compliance with applicable data protection laws and ensuring your personal data is treated with care and respect. Please reach out to us at any time with privacy-related inquiries.