Privacy Policy for lagunabeachmandalas.com
1. Introduction
At Laguna Beach Mandalas (“we,” “us,” or “our”), accessible at lagunabeachmandalas.com, we are committed to respecting and protecting your privacy. We recognize the importance of safeguarding your personal data and ensuring its responsible and lawful processing. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information, in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Our commitment to data minimization, transparency, and accountability underpins all processing activities on our website.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all visitors, users, and others who access or use lagunabeachmandalas.com. For the purposes of the GDPR and other applicable data protection laws, Laguna Beach Mandalas is the data controller responsible for your personal data collected through our website.
3. Categories of Personal Data We Process
We process various types of personal information, depending on how you interact with our website.
3.1 Usage Data
We collect diagnostic and usage-related data when you visit our website, including your browser type, IP address, geographic location, pages viewed, referring websites, session duration, and browsing behavior.
3.2 Account Data
When you create an account, we collect and process information such as your full name, mailing address, email address, and telephone number.
3.3 Profile Data
We gather preferences, purchase history, saved items, and behavioral data related to your interactions with products and services offered on lagunabeachmandalas.com.
3.4 Communication Data
When you contact us—for example, by email or through our contact form—we process the submitted content and maintain records of correspondence, including support and service communications.
3.5 Technical Data
Information about the device you use to access our website, including operating system, browser configuration, time zone setting, and screen resolution, is automatically collected.
3.6 Transaction Data
If you make a purchase, we collect details necessary to fulfill the order, such as billing address, shipping address, order details, and partial payment information (note: full payment data is processed securely by our third-party payment providers).
3.7 Preference Data
We collect your preferences regarding marketing communications, opt-in/out choices, and expressed interests in specific products or services.
4. Legal Bases for Processing Personal Data
We process your personal data under one or more of the following lawful bases:
– Consent: Where you have provided clear consent for us to process your personal data for a specific purpose, such as subscribing to our newsletter.
– Contractual Necessity: To fulfill our contractual obligations in delivering goods or services you have requested.
– Legal Obligation: Where the processing is required to comply with applicable legal requirements.
– Legitimate Interests: For purposes of enhancing our products and services, ensuring website security, engaging in limited marketing efforts, or preventing fraud, provided that such interests are not overridden by your rights and freedoms.
5. Your Data Protection Rights
If you are located within or are otherwise subject to the data protection regulations of the EU or California, you are entitled to the following rights:
– Right of Access: You may request access to personal data we hold about you.
– Right to Rectification: You may ask us to correct inaccurate or incomplete data.
– Right to Erasure: You may request the deletion of your data, subject to certain legal limits.
– Right to Restrict Processing: You may request a limit on how we process your data under certain circumstances.
– Right to Data Portability: You may request a copy of your data in a structured, commonly used, and machine-readable format.
– Right to Object: You may object to the processing of your personal data for direct marketing or based on our legitimate interests.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We employ a robust set of security protocols and operational measures to protect your personal data, including:
– Encryption of sensitive data during transmission and storage.
– Access control mechanisms to limit data access to authorized personnel only.
– Routine data backups and recovery protocols.
– Staff training and awareness programs regarding data protection responsibilities.
Despite our efforts to secure your data, please be aware that no transmission over the internet is entirely secure.
7. International Data Transfers
Wherever data transfers occur outside the European Economic Area (EEA), such as to servers or partners based in states lacking an adequacy decision from the European Commission, we ensure appropriate safeguards are in place. This includes the implementation of Standard Contractual Clauses (SCCs) and supplementary technological or organizational measures to ensure your data receives an adequate level of protection in accordance with GDPR requirements.
8. Data Retention
We retain your data only for the duration necessary to fulfill the purposes for which it was collected, subject to applicable legal, regulatory, and operational retention requirements:
– Account and profile information: retained while your account is active and for up to seven (7) years after account closure.
– Transaction and billing data: retained for seven (7) years for legal compliance.
– Communication data: retained for three (3) years after the last interaction.
– Usage and technical data: retained for two (2) years for analysis and security auditing.
After applicable retention periods, data is securely deleted or anonymized.
9. Cookie Policy
Our website uses cookies and similar tracking technologies to optimize your browsing experience and improve our services. We categorize cookies into the following types:
– Essential Cookies: Required for core site functionality and security.
– Functional Cookies: Enable personalized features and site customization.
– Analytics Cookies: Collect aggregated data for statistical and usage analysis.
– Performance Cookies: Help identify website issues and improve speed and responsiveness.
10. Cookie Management and Compliance
When you visit lagunabeachmandalas.com, we present you with a cookie consent banner. By selecting preferences or continuing to browse, you consent to the placement of cookies according to your choices.
In compliance with GDPR and CCPA, you have the right to:
– Decline non-essential cookies.
– Modify cookie settings at any time via our cookie preferences panel.
– Request information on cookies and tracking tools used.
– Exercise “Do Not Sell My Personal Information” rights under CCPA, where applicable.
11. Children’s Privacy
lagunabeachmandalas.com is not intended for children under the age of 13. We do not knowingly collect, use, or disclose personal information from children. If we learn that we have inadvertently collected Personal Data from a child under 13 without verified parental consent, we shall delete such information promptly. Parents or guardians with concerns are encouraged to contact us at [email protected].
12. Policy Updates
We reserve the right to modify this Privacy Policy at any time. Changes will be posted on this page, and where significant, we will provide notice via email or prominent announcements on lagunabeachmandalas.com. Continued use of the site after policy changes signifies acceptance of the updated practices.
13. Contact Us
If you have any questions, concerns, or requests relating to this Privacy Policy or your personal data, you may contact us at:
Email: [email protected]
We are committed to full compliance with GDPR, CCPA, and other applicable privacy laws. If you believe your privacy rights have been violated or wish to report a complaint, please reach out using the contact details above.