Privacy Policy
1. Introduction
At Helen-of-Destroy.com (“we,” “us,” or “our”), we are firmly committed to protecting the privacy and personal data of our visitors, users, and customers. Our approach to data protection is guided by transparency, integrity, and compliance with applicable data privacy laws, including the General Data Protection Regulation (Regulation (EU) 2016/679, “GDPR”) and the California Consumer Privacy Act of 2018 (“CCPA”), as amended. This Privacy Policy outlines how we collect, use, disclose, and safeguard the personal data you provide when using our website, helen-of-destroy.com.
2. Scope of Policy and Role as Data Controller
This Privacy Policy applies to all personal data collected through helen-of-destroy.com, including data collected via web browsers, mobile devices, and other online interactions. In the context of applicable data protection laws, Helen-of-Destroy.com is the data controller of your personal data. This means we determine the purposes and means of processing your personal data, in accordance with this Privacy Policy.
3. Categories of Data Processed
We may collect and process the following categories of personal data:
a. Usage Data: Includes details such as your browser type and version, Internet Protocol (IP) address, time zone setting, referral source, length of visit, page views, and navigation paths. This data helps us understand how you interact with our website.
b. Account Data: Includes information provided when you create an account, such as your full name, email address, mailing address, and telephone number.
c. Profile Data: Encompasses preferences, purchase history, browsing behavior, and feedback or survey responses.
d. Communication Data: Includes correspondence history, customer support communications, and any contact via [email protected].
e. Technical Data: Covers information about the device you use to access our website, including hardware model, operating system, browser settings, mobile network, and configurations relating to your system.
f. Transaction Data: Refers to details about purchases or transactions made on helen-of-destroy.com, including payment method (but not full payment card details), billing address, and delivery details.
g. Preference Data: Includes your consent and preference settings related to marketing communications, notification choices, and interest in specific products or services.
4. Legal Bases for Processing
We process your personal data under the following legal bases:
– Contractual Necessity: To perform obligations under a contract with you, such as processing your orders and providing products or services.
– Legitimate Interest: To operate, improve, and protect our services, provided that these interests are not overridden by your rights and freedoms.
– Consent: Where you have provided specific and informed consent (e.g., for marketing or cookies).
– Legal Obligations: To comply with any applicable legal obligations, including tax and accounting rules, law enforcement requests, or regulatory compliance.
5. Your Rights
Subject to applicable data protection laws, you have the following rights regarding your personal data:
– Right of Access: Obtain confirmation of whether personal data is being processed and access a copy of such data.
– Right to Rectification: Request correction of inaccurate or incomplete personal data.
– Right to Erasure: Request deletion of your personal data, subject to certain legal exceptions.
– Right to Restrict Processing: Request limitation on how your data is processed under certain circumstances.
– Right to Data Portability: Receive your personal data in a structured, commonly used, and machine-readable format and transmit it to another controller.
– Right to Object: Object to data processing carried out under legitimate interests or for direct marketing purposes.
– Right to Withdraw Consent: If processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
Users located in California may also exercise rights under the CCPA, including the right to know, delete, and opt out of the sale or sharing of personal data.
To exercise any of these rights, please contact us at [email protected] with sufficient identification to verify your request.
6. Security Measures
We implement robust technical and organizational measures to maintain the confidentiality, integrity, and availability of your personal data. These include:
– Encryption of sensitive data both in transit and at rest
– Access control policies with least-privilege permissions
– Regular system and data backups
– Employee training on data protection procedures
– Firewalls and secure hosting to protect against unauthorized access
7. International Transfers
Where your personal data is transferred outside of your jurisdiction (including transfer from Europe to the United States), we ensure that adequate safeguards are in place, such as:
– Use of Standard Contractual Clauses (SCCs) approved by the European Commission
– Compliance with applicable cross-border data transfer frameworks
– Implementation of supplementary measures where necessary to protect data in transit
8. Data Retention
We retain your personal data only as long as necessary for the purposes for which it was collected:
– Usage and Technical Data: Retained for up to 12 months for analytics and security auditing.
– Account and Profile Data: Retained for the duration of the account’s existence plus 6 years for legal compliance.
– Transaction Data: Retained for 7 years to satisfy accounting and tax-related obligations.
– Communication and Preference Data: Retained for 3 years unless objection is made or consent is withdrawn.
We may retain certain data longer if required by applicable laws or for legal proceedings.
9. Cookie Policy
Our website uses cookies and similar technologies, which may include:
– Essential Cookies: Required for website functionality and user authentication.
– Functional Cookies: Support user preferences and enhanced features.
– Analytics Cookies: Collect anonymized usage statistics to evaluate site performance and usability.
– Performance Cookies: Measure the effectiveness of our platforms and help identify areas for improvement.
10. Cookie Management and Compliance
We provide a cookie consent banner in accordance with GDPR and CCPA requirements. Visitors to helen-of-destroy.com can manage cookie preferences through our cookie settings tool, accessible from the site footer. You may also configure your browser to refuse non-essential cookies or to alert you before accepting them.
Under CCPA, we do not sell or share users’ personal data for monetary gain. Where applicable, users may opt out of the use of cookies or third-party data sharing.
11. Children Under 13
Our services are not directed to children under the age of 13, and we do not knowingly collect personal data from such individuals. In accordance with the Children’s Online Privacy Protection Act (COPPA), if we become aware that we have collected personal data from a child under 13 without verification of parental consent, we will delete that information promptly.
12. Policy Updates and User Notifications
We may amend this Privacy Policy from time to time to reflect changes in legal or operational requirements. Any material changes to the policy will be communicated via a prominent notice on helen-of-destroy.com or directly to users where appropriate. Continued use of our services after such changes constitutes your acknowledgment and acceptance of the modified policy.
13. Contact
If you have any questions about this Privacy Policy, the data we hold about you, or would like to exercise your rights, please contact our Data Protection Officer at:
We are committed to ensuring that your personal data is handled responsibly and welcome all privacy-related inquiries made in good faith.
Helen-of-Destroy.com is dedicated to maintaining full compliance with data protection laws and to upholding your rights with diligence and respect.