PRIVACY POLICY
At Granniepants.com, we are committed to safeguarding the privacy and personal information of our users, customers, and visitors. This Privacy Policy outlines our practices regarding the collection, use, disclosure, and protection of your personal data when you visit our website, engage with our services, or otherwise interact with us. We uphold a privacy-first approach and respect your rights under applicable data privacy laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
1. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data processed by Granniepants.com through our website and related services. For the purpose of the GDPR and relevant data protection laws, Granniepants.com is the Data Controller of your personal data. If you have any questions regarding this policy, you may contact us at [email protected].
2. Categories of Data Processed
We may collect, store, and use the following categories of personal data:
a. Usage Data
Information on how you interact with our website, including IP addresses, browser type and version, web pages viewed, time spent on pages, session data, and interactions with page content.
b. Account Data
Information provided during account registration or checkout, including your full name, billing address, shipping address, email address, and telephone number.
c. Profile Data
Details related to your browsing and purchasing behavior, product preferences, interests, and any saved settings or user-generated preferences.
d. Communication Data
Records of your correspondence with us, including support inquiries, feedback submissions, and contact history with our customer service team.
e. Technical Data
Data derived from your device, including operating system, browser details, device type, screen resolution, hardware identifiers, and system configuration.
f. Transaction Data
Information related to payments and order fulfillment, such as order history, payment provider (e.g., PayPal, Stripe), delivery address, date/time of transactions, and billing details.
g. Preference Data
Your choices regarding email subscriptions, marketing preferences, consent to receive promotional material, product category interests, and notification settings.
3. Legal Bases for Processing
In accordance with GDPR, we process your personal data based on the following legal grounds:
– Performance of Contract: To fulfill orders, respond to requests, manage accounts, or provide services.
– Consent: Where you affirmatively opt-in for marketing communications or non-essential cookies.
– Legitimate Interests: To improve website functionality, prevent fraud, analyze customer behavior, maintain system security, and personalize user experience, where such interests are not overridden by your data protection rights.
– Legal Obligation: Where required to comply with laws or respond to lawful governmental requests.
Under the CCPA, you have the right to know which categories of personal information we collect, the purposes for which we use it, and whether it is sold or shared (See Sections 3 and 5 for more information).
4. Your Rights
Subject to applicable law, you have the following rights with respect to your personal data:
– Right of Access: Request confirmation as to whether we process your personal data and request a copy of such data.
– Right of Rectification: Request correction of inaccurate, incomplete, or outdated information.
– Right to Erasure: Request that we delete your personal data, unless retention is required for legal or operational purposes.
– Right to Restriction: Request limitation of our processing activities under certain circumstances.
– Right to Data Portability: Receive a copy of your personal data in a structured, commonly used, and machine-readable format and transmit it to another controller where technically feasible.
– Right to Object: Object to data processing based on legitimate interests or for direct marketing purposes.
California residents may additionally request:
– Disclosure of categories and sources of personal information collected.
– An opt-out from the “sale” or “sharing” of personal information (Granniepants.com does not sell personal data).
To exercise any of your rights, please contact us at [email protected].
5. Security Measures
We adopt appropriate technical and organizational measures to ensure the security of your personal data including, but not limited to:
– Data encryption both in transit and at rest,
– Role-based access control to limit internal access to data,
– Regular system monitoring and intrusion detection,
– Secure data backups stored in compliance with industry standards,
– Staff training on data protection responsibilities and awareness.
6. International Transfers
Where your personal data is transferred across borders—such as to third-party service providers, payment processors, or infrastructure partners located outside of your jurisdiction—we implement safeguards including:
– Standard Contractual Clauses approved by the European Commission or other relevant authorities;
– Verification of adequacy decisions for data transfers to certain countries;
– Binding corporate rules or certifications where applicable.
These mechanisms ensure that your personal data continues to benefit from a consistent level of protection, irrespective of geographic location.
7. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law. Retention periods vary by data category:
– Usage and Technical Data: Retained for analytics purposes up to 12 months.
– Account, Transaction, and Communication Data: Retained for 7 years for compliance and support.
– Profile and Preference Data: Retained until consent is withdrawn or inactive for over 24 months.
– Cookie Data: Duration varies by cookie type (see Section 9).
Data that is no longer needed is securely deleted or anonymized.
8. Cookie Policy
Granniepants.com uses cookies to optimize user experience, personalize content, and enhance website functionality. The types of cookies we use include:
– Essential Cookies: Required for core website functions such as account login and shopping cart sessions.
– Functional Cookies: Support user preferences such as language choices and layout settings.
– Analytics Cookies: Collect anonymized data about user interactions to measure and enhance platform performance.
– Performance Cookies: Assist in diagnosing technical issues and improving website speed and usability.
9. Cookie Management and Compliance
We comply with GDPR and CCPA requirements by implementing cookie consent mechanisms whereby users may:
– Accept or reject non-essential cookies on first visit;
– Adjust consent preferences via cookie settings at any time;
– Opt out of analytics and tracking technologies;
– Access a full list of cookies and their purpose via our Cookie Settings page.
By managing cookies appropriately, we maintain your right to privacy and control over your digital footprint.
10. Children’s Privacy
We do not knowingly collect or solicit personal data from children under the age of 13. If we become aware that we have inadvertently collected such data without informed parental consent, we will take immediate steps to delete the information. Parents or guardians with concerns may contact us at [email protected].
11. Policy Updates and Notifications
We reserve the right to amend this Privacy Policy from time to time to reflect changes in our processing activities, legal obligations, or best practices. Updated versions will be posted on granniepants.com, and in cases of material change, we will notify users via prominent notice or direct communication where appropriate.
12. Contact
For questions or concerns about this Privacy Policy, to exercise your data rights, or to submit a privacy-related complaint, please contact:
Data Protection Officer
Email: [email protected]
Website: https://granniepants.com
We remain committed to full compliance with data protection regulations and to maintaining your trust through transparency and accountability.