Privacy Policy for tracytimberlakeonline.com
1. Introduction
At Tracy Timberlake Online, we recognize the importance of protecting your personal information and are fully committed to safeguarding your privacy in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, use, disclose, and protect your information when you visit or interact with tracytimberlakeonline.com (the “Website”). By using the Website, you acknowledge and accept the practices described herein.
2. Scope of This Policy and Role of Data Controller
This Privacy Policy applies to all personal data collected through tracytimberlakeonline.com and associated services. The data controller responsible for processing your personal information is Tracy Timberlake Online and can be contacted at [email protected]. This policy does not cover the data practices of third-party websites or platforms not owned or controlled by us.
3. Categories of Personal Data We Collect
We collect and process various categories of personal data:
a) Usage Data
Includes information about how you use the Website, such as IP address, browser type, pages visited, time and date of access, session durations, and referring URLs.
b) Account Data
Includes personal identifiers provided during account creation or updates, such as your full name, postal address, email address, and telephone number.
c) Profile Data
Includes preferences, interests, past purchases, behaviors on the Website, and feedback supplied through surveys or reviews.
d) Communication Data
Includes correspondence and records from support requests, contact form submissions, customer service interactions, email exchanges, and any other direct communication with us.
e) Technical Data
Includes data from the devices you use to access the Website, such as browser language, operating system type and version, screen resolution, and hardware identifiers.
f) Transaction Data
Includes payment-related details (e.g., billing address, items purchased, delivery details); however, we do not store or process full payment card information, which is handled by our third-party payment processors.
g) Preference Data
Includes expressed interests, opted-in marketing communications, event registrations, and marketing communication preferences.
4. Legal Bases for Processing Personal Data
We process your personal data based on the following legal grounds:
– Consent — Where you have explicitly given consent for specific purposes (e.g., email newsletters).
– Contract — When processing is necessary to fulfill a contract with you, such as purchasing products or services.
– Legal Obligation — Where processing is required to comply with a legal obligation.
– Legitimate Interests — When processing is necessary to serve our legitimate interests, provided your interests and fundamental rights do not override those interests (e.g., service improvement, fraud prevention, Website analytics).
5. Your Rights
Under applicable data protection laws, you have the following rights:
– Right of Access — You have the right to request confirmation of whether we process your personal data and gain access to such data.
– Right to Rectification — You can request correction of inaccurate or incomplete personal data.
– Right to Erasure (Right to be Forgotten) — You can request the deletion of your data, subject to lawful retention requirements.
– Right to Restriction — You may request we limit processing in specific circumstances.
– Right to Data Portability — You may request to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.
– Right to Object — You can object at any time to processing based on our legitimate interests or for direct marketing.
To exercise your rights, please contact us at [email protected]. We will respond to your requests promptly and in accordance with applicable laws.
6. Security Measures
We implement robust technical and organizational safeguards designed to protect personal data against unauthorized access, alteration, disclosure, or destruction. These include:
– Encryption of data in transit and at rest
– Role-based access control and authentication systems
– Secure server environments and infrastructure audits
– Routine data backups and disaster recovery protocols
– Training of personnel on privacy and security best practices
7. International Data Transfers
If we transfer your personal data outside the European Economic Area (EEA), we ensure that such transfers comply with applicable laws by using Standard Contractual Clauses (SCCs), adequacy decisions, or other approved mechanisms. Users in jurisdictions such as the United States will have their data processed under comparable protective standards.
8. Data Retention
We retain your personal data only for as long as necessary for the purposes for which it was collected, including legal, accounting, or reporting obligations. Retention periods vary by data type:
– Usage and Technical Data: up to 24 months
– Account and Profile Data: retained while your account is active or as required by law
– Communication and Support Data: up to 36 months following last interaction
– Transaction Data: retained for at least 7 years for tax and legal compliance
– Marketing Preference Data: stored until consent is withdrawn or data becomes outdated
Upon expiration of these periods, data will be securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar tracking technologies on tracytimberlakeonline.com to enhance your experience and collect analytics. These may include:
– Essential Cookies: Necessary for basic site functions and security
– Functional Cookies: Enable enhanced features like saved preferences
– Analytics Cookies: Collect information on how users interact with the site to improve functionality and performance
– Performance Cookies: Measure Website performance and usage patterns
Third-party cookies from analytics or advertising partners may also be used in compliance with GDPR and CCPA authorization protocols.
10. Cookie Management and Compliance
Users are prompted upon visiting the Website to manage their cookie preferences. You may customize your settings via the cookie consent banner or through browser settings. You are entitled to reject non-essential cookies at any time. Our cookie management tools ensure full compliance with GDPR’s transparency requirements and CCPA’s “Do Not Sell My Personal Information” obligations.
11. Protection of Children
We do not knowingly collect or solicit personal information from children under the age of 13. If we become aware that we have inadvertently gathered such information, we will take reasonable steps to delete it as soon as possible. Parents or legal guardians who believe their child may have submitted data are encouraged to contact us at [email protected].
12. Policy Updates
We reserve the right to update this Privacy Policy at our discretion to reflect changes in legal requirements or business practices. Users will be notified of significant changes through the Website or direct communication where appropriate. Continued use of tracytimberlakeonline.com constitutes acceptance of the revised policy.
13. Contact Information
For any privacy-related inquiries, questions about this Privacy Policy, or to exercise any data protection rights, please contact:
Email: [email protected]
We are committed to full compliance with the GDPR, CCPA, and all applicable privacy regulations, and welcome your communication to ensure your data is protected and your rights are upheld.