Privacy Policy
1. Introduction
At Tiny Blessings Mom (https://tinyblessingsmom.com), we are deeply committed to protecting the privacy and personal data of our visitors, customers, and users. This Privacy Policy outlines the practices and principles we follow to ensure that your personal information is treated with the utmost care and in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We are dedicated to being transparent with our data collection and processing practices and upholding a privacy-first approach throughout our operations.
2. Scope of the Policy and Data Controller Role
This Privacy Policy applies to all personal data collected through our website, https://tinyblessingsmom.com, and related digital services. For the purpose of data protection laws, Tiny Blessings Mom is the data controller responsible for determining the purposes and means of processing your personal data. If you have any questions or concerns about this Privacy Policy or how your data is handled, please contact us at [email protected].
3. Categories of Data Processed
We may collect and process the following categories of personal data:
– Usage Data: Includes information such as your browser type and version, IP address, referral source, pages visited, time spent on pages, and other diagnostic and usage analytics.
– Account Data: Includes identifying information you provide when creating an account, such as your full name, mailing address, email address, and telephone number.
– Profile Data: Includes your preferences, account settings, previous purchases, and behavior patterns while using the website.
– Communication Data: Includes contents and logs of written or verbal communications, such as support inquiries, feedback, and records of correspondence between you and our team.
– Technical Data: Includes device and platform information (e.g., operating system, device model, system configurations), browser metadata, internet service provider, and IP-based geolocation data.
– Transaction Data: Includes payment method details, order history, billing and delivery address, and records of financial transactions conducted through the website (though we never store full payment card information).
– Preference Data: Includes records related to your marketing preferences, product interests, and consent statuses for emails, push notifications, and other optional features.
4. Legal Bases for Processing
We collect and process personal data only when we have a lawful basis to do so under applicable legal frameworks. These bases include:
– Consent: Where you have affirmatively agreed to the processing for a specified purpose, including marketing and newsletter communications.
– Contractual Necessity: Where processing is required for the performance of a contract with you or in order to take steps at your request prior to entering into a contract.
– Legal Obligation: Where we are required to comply with applicable laws and regulatory obligations.
– Legitimate Interests: Where processing is necessary to support our legitimate business interests, provided such processing is not overridden by your fundamental rights and freedoms.
5. Your Rights
Under applicable privacy laws, you may exercise the following rights with regard to your personal data:
– Right of Access: Obtain confirmation as to whether or not we process your data and request access to it.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request that we delete your personal data, subject to legal limitations.
– Right to Restriction: Request that we limit the processing of your personal data in specific circumstances.
– Right to Data Portability: Receive your data in a structured, commonly used, and machine-readable format where applicable.
– Right to Object: Object to processing based on our legitimate interests or for direct marketing purposes.
To exercise any of these rights, you may contact us directly at [email protected]. We will respond to your request in accordance with applicable data protection laws.
6. Security Measures
We implement commercially reasonable technical and organizational safeguards to protect your personal data against unauthorized access, disclosure, alteration, or destruction. These measures include encryption, secure web hosting with SSL certification, limited administrative access, regular system audits, disaster recovery protocols, employee data privacy training, and secure data storage practices.
7. International Data Transfers
We may process your data in jurisdictions outside of your country of residence, including jurisdictions that may not provide equivalent levels of data protection. Where applicable, we ensure that such data transfers are conducted in compliance with GDPR-approved Standard Contractual Clauses and other related safeguards designed to ensure an adequate level of protection.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying legal, accounting, and reporting requirements. Specific retention periods include:
– Usage Data: Retained for up to 12 months for analytics purposes.
– Account and Profile Data: Retained while your account remains active, and thereafter for a period of up to 24 months.
– Communication Data: Retained for up to 24 months or as required by legal obligation.
– Transaction Data: Retained for up to 7 years for tax and compliance purposes.
– Preference Data: Retained until you withdraw consent or request deletion.
9. Cookie Policy
We use cookies and other similar technologies to improve user experience, monitor performance, and analyze website traffic. The types of cookies used include:
– Essential Cookies: Required for the operation of our website and enable basic functions such as navigation and access to secure areas.
– Functional Cookies: Help personalize content and remember user preferences, such as language or region.
– Analytics Cookies: Collect aggregated information about user behavior and site usage to help us understand and improve performance.
– Performance Cookies: Enhance website response times and diagnose technical issues.
10. Cookie Management and Compliance with GDPR and CCPA
By browsing our website, you consent to our use of cookies subject to your cookie preferences. We provide users the ability to manage cookie settings through a cookie consent banner and interface. In line with GDPR and CCPA requirements, you may withdraw your cookie consent at any time and disable cookies via your browser settings or our dedicated cookie manager.
For California residents under the CCPA, the right to opt-out of the “sale” of personal information is honored, and we do not sell personal data as defined by the CCPA.
11. Special Protections for Children
Our website and services are not intended for children under the age of 13. We do not knowingly collect or solicit personal data from children without verifiable parental consent. If we become aware that a child under 13 has provided us with personal information in violation of applicable laws, we will take appropriate steps to delete the data promptly. If you believe we may have improperly collected such information, please contact us at [email protected].
12. Policy Updates and User Notifications
We reserve the right to update or modify this Privacy Policy from time to time to reflect legal developments, technological advancements, or changes in our data processing practices. Where required by law, we will provide notice of such updates through our website or via direct communication. We encourage you to review this Privacy Policy periodically for any updates.
13. Contact Information
If you have any questions, concerns, or requests related to your personal data or this Privacy Policy, please contact us at:
Email: [email protected]
Website: https://tinyblessingsmom.com
We take privacy seriously and are committed to ensuring that your rights are respected in accordance with international data protection standards.
Compliance Commitment
Tiny Blessings Mom affirms its commitment to GDPR and CCPA compliance and to protecting the privacy of all individuals who interact with our website. For privacy-related inquiries, please email us at [email protected].