Privacy Policy
1. Introduction
At Dannielle Hale (“we”, “our”, or “us”), accessible via danniellehale.com (“the Website”), we respect and are committed to safeguarding the privacy and personal data of our users and visitors. This Privacy Policy outlines how we collect, process, use, and protect your personal data in compliance with international data protection regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We are committed to transparency and data minimization, ensuring that your data is handled responsibly and in accordance with the highest standards of privacy protection.
2. Scope of the Policy and Data Controller Role
This Privacy Policy applies to all personal data collected through the Website, including services, interactive features, and communications. Dannielle Hale is the data controller responsible for the processing of your personal data collected through danniellehale.com.
For all questions regarding the processing of your personal data, please contact us at: [email protected].
3. Categories of Data Processed
We may collect and process the following categories of personal data:
a) Usage Data:
This includes data regarding your behavior on the Website, such as IP address, browser type, device identifiers, geographic location, pages viewed, time spent on pages, and referral URLs. This data helps us understand how users interact with danniellehale.com.
b) Account Data:
If you create an account or sign up for services, we collect your name, email address, mailing address, phone number, and login information.
c) Profile Data:
Includes information related to your online preferences, interests, browsing habits, previous purchases, and behavioral patterns when interacting with the Website.
d) Communication Data:
We collect data you voluntarily provide through support requests, feedback forms, contact forms, emails to [email protected], and any other communication records.
e) Technical Data:
Includes data related to your device, operating system, browser configurations, mobile device attributes, time zone settings, and software configurations used to access the Website.
f) Transaction Data:
In connection with any transactions conducted through danniellehale.com, we collect payment data including billing address, transaction history, delivery information, and limited credit card processor data.
g) Preference Data:
Includes your choices regarding marketing communications, notification settings, and interests regarding our offerings or third-party partnerships.
4. Legal Bases for Processing Personal Data
We process your personal data based on the following legal grounds:
– Consent: For sending marketing communications and storing optional cookies, we rely on your explicit consent.
– Contractual Necessity: We process Account, Transaction, and Communication Data when necessary to perform a contract or respond to your service requests.
– Legitimate Interest: We process Usage and Technical Data to improve and secure the Website, prevent fraud, and optimize user experience.
– Legal Obligation: In certain instances, we may be legally obliged to collect or retain data pursuant to applicable law or legal process.
5. Your Rights Under GDPR and CCPA
Depending on your jurisdiction, you may have the following rights regarding your personal data:
– Right of Access: Obtain information about the personal data we process about you.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure (“Right to be Forgotten”): Request deletion of your personal data.
– Right to Restriction: Request restriction of processing under certain circumstances.
– Right to Data Portability: Receive your data in a structured, machine-readable format and/or transmit it to another data controller.
– Right to Object: Object to processing based on legitimate interests or direct marketing.
– Right to Withdraw Consent: Withdraw any consent you have provided at any time.
– Right to Non-Discrimination (CCPA): Exercise your rights without being denied goods or services or facing discrimination.
To exercise these rights, please email: [email protected].
6. Data Security Measures
We implement robust technical and organizational measures to protect your personal data. These include:
– Encryption of data in transit and at rest
– Role-based access controls
– Secure servers and firewall protection
– Ongoing staff privacy training and audits
– Daily server backups and business continuity planning
– Two-factor authentication (2FA) on administrator accounts
7. International Data Transfers
Where personal data is transferred outside of the European Economic Area or other jurisdictions with similar laws, it is done in full compliance with applicable data protection regulations. Such transfers rely on European Commission-approved Standard Contractual Clauses and other recognized legal safeguards to ensure that your data remains protected.
8. Data Retention
We retain personal data only for as long as is necessary for the purposes for which it was collected, unless a longer retention period is required by law. Specific retention periods include:
– Usage and Technical Data: Retained for up to 12 months for analytics and security.
– Account and Profile Data: Retained while your account remains active and up to 6 years thereafter for legal compliance.
– Communication Data: Retained for a maximum of 24 months.
– Transaction Data: Retained for 7 years for accounting and legal obligations.
– Preference and Consent Records: Retained indefinitely, unless withdrawn, to maintain a record of compliance.
9. Cookie Policy
We use cookies and similar technologies to enhance your experience on danniellehale.com. These may include:
– Essential Cookies: Required for core website functionality and user authentication.
– Functional Cookies: Remember your preferences and enhance personal experiences.
– Analytics Cookies: Collect insights on site usage to improve performance.
– Performance Cookies: Improve page loading speed and responsiveness.
10. Cookie Management and Compliance
In accordance with GDPR and CCPA, users are given the ability to manage cookie preferences upon their first visit to danniellehale.com via a consent management platform (CMP). You may also manage your cookie preferences through your browser settings at any time. Where required by law, cookies will not be set unless you have explicitly consented to their use.
11. Protection of Children’s Privacy
Our Website is not directed at or intended for use by children under the age of 13. We do not knowingly collect, use, or disclose data from children under 13. If we become aware that we have inadvertently collected personal information from a child under 13, we will take appropriate steps to delete such data.
12. Policy Updates
We reserve the right to update or modify this Privacy Policy at any time to reflect changes in legal, regulatory, or operational requirements. You are encouraged to review this Policy periodically. Where legally required, we will notify users of significant changes via email or through prominent notices on the Website.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy, your personal data, or your rights, please contact us at:
Email: [email protected]
We are committed to full compliance with applicable privacy laws and to resolving any concerns in a timely and respectful manner.