Privacy Policy
1. Introduction
At helen-of-destroy.com (“we,” “our,” “us”), we are firmly committed to safeguarding your privacy and protecting your personal data. This Privacy Policy outlines our practices regarding the collection, use, storage, disclosure, and safeguarding of your information when you visit and interact with our website. In alignment with data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), we adopt a privacy-first approach to ensure the confidentiality, integrity, and availability of your personal data.
2. Scope of Policy and Role of Data Controller
This Privacy Policy applies to all users of our website helen-of-destroy.com, including any services, content, and features made available through it. We act as the “Data Controller” within the meaning of the GDPR for the data collected via our website and communication channels. As such, we determine the purposes and means of processing your personal data.
3. Categories of Data Processed
We only collect and process data as necessary for providing our services and operating helen-of-destroy.com efficiently and securely. The categories of data we may collect include:
a) Usage Data:
Information about how you use our website, including IP address, browser type, operating system, device identifiers, referral URLs, session duration, visiting times, and on-site interaction patterns.
b) Account Data:
Information you provide when creating or managing an account, such as your name, address, telephone number, and email address.
c) Profile Data:
Data linked to your preferences and behavior, such as purchase history, saved preferences, reading patterns, interactions with content, and responses to surveys or polls.
d) Communication Data:
Records of any communications exchanged directly or indirectly with us, including support requests, feedback submissions, emails, and chat messages.
e) Technical Data:
Information about your device and technical environment, such as hardware specifications, mobile or browser version, screen resolution, system configurations, and connectivity data.
f) Transaction Data:
Details about your purchases or donations conducted through helen-of-destroy.com, including payment method (excluding full card details), billing address, and shipping or delivery information when applicable.
g) Preference Data:
Your consents to receive marketing and promotional material, topic interests, newsletter selections, and participation in events or promotional offers.
4. Legal Bases for Processing
Under the GDPR, we rely on multiple lawful bases to process your personal data:
– Consent: When you have explicitly opted-in, such as for marketing communications.
– Performance of a Contract: As necessary to deliver content, products, or services you request.
– Legitimate Interest: Where it is necessary for the operation of our services or to improve user experience, provided it does not override your rights and freedoms.
– Legal Obligation: When we are required to process data to comply with laws or respond to lawful requests from government authorities.
5. Your Rights
Subject to applicable local laws, you have the following rights regarding your personal data:
– Right of Access: You may request access to the personal data we hold about you.
– Right to Rectification: You may request that we correct inaccurate or incomplete data.
– Right to Erasure (“Right to be Forgotten”): You may request the deletion of your personal data under certain conditions.
– Right to Restrict Processing: You may request that we limit the processing of your data.
– Right to Data Portability: You may request a copy of your personal data in a structured, commonly used, and machine-readable format and request that we transmit that data to another controller where feasible.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement appropriate technical and organizational measures to ensure a high level of data protection:
– Data transmission is encrypted using HTTPS and other secure protocols.
– Access is restricted to authorized personnel based on defined roles and responsibilities.
– Regular backups are conducted and stored securely.
– Staff and vendors are trained and bound by confidentiality obligations.
Despite our efforts, no transmission of data via the internet is completely secure. Users are responsible for maintaining the security of their devices and login credentials.
7. International Transfers
Data collected on helen-of-destroy.com may be processed or stored in jurisdictions outside your home country. Where we transfer personal data internationally—including outside the European Economic Area—we use standard contractual clauses or other lawful transfer mechanisms to ensure adequate protection in accordance with applicable regulations.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the stated purposes of collection, or as permitted or required by law. Specifically:
– Usage Data: Retained for up to 12 months for analytical and performance purposes.
– Account Data: Retained during account activity and for 6 years following closure (legal recordkeeping).
– Communication & Profile Data: Retained for 3 years following last interaction.
– Technical and Transaction Data: Retained for 7 years in compliance with tax and financial regulations.
– Preference Data: Retained until withdrawn or updated by the user.
9. Cookie Policy
We may use cookies and similar tracking technologies to enhance user experience and collect Usage, Technical, and Preference Data. These cookies may be:
– Essential Cookies: Required for the operation and security of the site (e.g. session ID).
– Functional Cookies: Enable customized experiences and remembering choices.
– Analytics Cookies: Collect aggregated data to understand traffic and usage trends.
– Performance Cookies: Used to monitor and improve page load and response times.
10. Cookie Management and Compliance with GDPR & CCPA
You may manage your cookie preferences at any time by accessing cookie settings on our website. For users in the European Economic Area, we obtain consent before placing non-essential cookies. Under the CCPA, California residents have the right to opt-out of the sale or sharing of personal information; we honor Do Not Track signals and provide clear cookie management tools.
11. Special Protections for Children
helen-of-destroy.com is not directed toward children under the age of 13, and we do not knowingly collect personal data from children. If we become aware that a child under 13 has provided personal data through our website, we will take prompt steps to delete such data and disable any associated accounts. Parents or legal guardians who become aware of such activity should contact us at [email protected].
12. Policy Updates and User Notifications
We may modify this Privacy Policy from time to time to reflect changes in law, technology, or our practices. Material updates will be communicated via notices on the website or direct communication where feasible. Continued use of helen-of-destroy.com following such changes signifies your acknowledgment of the revised policy.
13. Contacting Us
For any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us at:
Email: [email protected]
We are committed to honoring your privacy rights and complying with all applicable data protection regulations, including the GDPR and CCPA. If you have any privacy concerns, please do not hesitate to reach out to us.