Privacy Policy for Myles Made Candles
1. Introduction
Myles Made Candles (“we,” “us,” or “our”) is committed to safeguarding the privacy and personal data of its website visitors, customers, and affiliates. This Privacy Policy outlines how we collect, use, disclose, and protect your personal information when you visit or interact with our website, located at https://mylesmadecandles.com (“the Website”). We uphold the highest standards of data protection and are fully aligned with the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope of this Policy and Data Controller Role
This Privacy Policy applies to all personal data processed through the Website and related services. For purposes of applicable data protection laws, Myles Made Candles is the data controller responsible for your personal data. By using our Website, you acknowledge that you have read and understood this Policy and agree to its terms.
3. Categories of Data We Process
We collect and process various categories of personal data in accordance with lawful bases under GDPR and CCPA, including but not limited to:
a) Usage Data
Information about how you interact with our Website, including your browser type and version, IP address, device identifiers, access times, referring website addresses, and session activity.
b) Account Data
Personal information you provide during the account creation or checkout process, such as your name, shipping and billing addresses, email address, and phone number.
c) Profile Data
Preferences and behavioral information, including your purchase history, saved items, reviews, and interactions with our content.
d) Communication Data
Records of correspondence with us via email, contact forms, or customer support channels, including inquiries, complaints, and feedback.
e) Technical Data
Information about your device, operating system, system settings, language preference, and other diagnostic data that allow for a seamless user experience.
f) Transaction Data
Details relating to purchases made on the Website, including selected products, payment methods, delivery address, and order history.
g) Preference Data
Your marketing preferences, notification settings, cookie selections, and survey responses regarding product interests or personal tastes.
4. Legal Bases for Processing
We process your personal data based on one or more of the following legal grounds:
– Consent: When you explicitly authorize the use of your data, such as subscribing to newsletters.
– Contractual Necessity: For processing necessary to complete a sale or provide a service you have requested.
– Legitimate Interests: Where processing is required for business operations, fraud prevention, or service enhancements, provided these interests do not override your rights.
– Legal Obligation: When we are bound by legal or regulatory duties that necessitate data use.
5. Your Rights
As a data subject, you are entitled to the following rights under GDPR and, where applicable, CCPA:
– Right of Access: Obtain a copy of the personal data we hold about you.
– Right to Rectification: Request correction of any inaccurate or incomplete data.
– Right to Erasure: Ask us to delete your personal data under certain lawful conditions.
– Right to Restriction: Limit how we process certain categories of data.
– Right to Data Portability: Receive your data in a structured, commonly used format and transfer it to another controller.
– Right to Object: Object to data processing based on legitimate interest or for direct marketing.
– Right Not to Be Discriminated Against: Under CCPA, exercise your privacy rights without affecting service quality.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement robust technical and organizational safeguards to protect your personal data against unauthorized access, accidental loss, or unlawful manipulation. These measures include, but are not limited to:
– End-to-end data encryption protocols (SSL/TLS)
– Role-based access controls and authentication mechanisms
– Regular internal audits and security training for staff
– Secure storage solutions and data redundancy systems
7. International Data Transfers
Some of the third-party service providers we use may operate in jurisdictions outside your own, including regions not considered to provide the same level of data protection. In such instances, we implement safeguards such as Standard Contractual Clauses (SCCs) and ensure that third parties meet compliance requirements equivalent to GDPR and CCPA standards.
8. Data Retention
We retain personal data only for as long as is necessary to fulfill the purposes for which it was collected, including:
– Usage and Technical Data: Up to 12 months for analytics and diagnostics
– Account and Profile Data: Until account closure or 6 years after last login
– Transaction Data: Retained for 7 years for tax and regulatory compliance
– Communication Data: Retained for up to 3 years following last interaction
– Preference and Consent Data: Retained until the user withdraws consent or updates preferences
9. Cookie Policy
The Website uses cookies and similar technologies to enhance user experience and analyze site performance. Cookies are categorized as follows:
– Essential Cookies: Necessary for basic website functionality and security
– Functional Cookies: Enable enhanced features like remembering login credentials
– Analytics Cookies: Collect anonymized behavioral data for performance assessment
– Performance Cookies: Monitor access, errors, and site responsiveness for improvements
10. Cookie Management and Compliance
Upon first visit to the Website, visitors are presented with a cookie consent banner in compliance with GDPR and CCPA requirements. Users may modify cookie preferences at any time through the cookie control interface available on our Website. You may also control cookies via browser settings or by using industry-standard opt-out tools.
11. Children’s Privacy
We do not knowingly collect or solicit personal information from children under the age of 13. If we become aware that we have inadvertently collected data from a minor without parental consent, we will take prompt action to delete such information. Parents or guardians can contact us at [email protected] for inquiries.
12. Policy Updates
We reserve the right to modify this Privacy Policy to reflect changes in data processing practices, legal requirements, or improvements to our privacy framework. Any changes will be promptly updated on the Website. Where appropriate, we will notify users through prominent notices or direct communication.
13. Contact Us
If you have any questions, requests, or concerns regarding this Privacy Policy or how we handle your personal data, please contact us at:
Myles Made Candles
Email: [email protected]
Website: https://mylesmadecandles.com
We are committed to ensuring your privacy is respected and protected. Should you have any issues regarding your data or our privacy practices, we strongly encourage you to reach out so we can address and resolve your concerns promptly.
This Privacy Policy reflects our ongoing commitment to data protection, transparency, and user empowerment in compliance with applicable laws including the GDPR and the CCPA.