Privacy Policy for Glam Greats
1. Introduction
Glam Greats (“we,” “us,” “our”) is committed to protecting the privacy and personal data of all users of our website, glamgreats.com (the “Site”). We value transparency, accountability, and your fundamental right to data protection. This Privacy Policy outlines how we collect, process, store, and safeguard personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (GDPR), the California Consumer Privacy Act (CCPA), and other relevant privacy regulations.
2. Scope of This Policy and Data Controller Responsibility
This Privacy Policy applies to all personal data collected or processed through glamgreats.com and associated services. Glam Greats is the data controller for the purposes of the GDPR and is responsible for the lawful handling of your personal data. This policy governs how we collect, process, and use your data, whether you are browsing our Site, making a purchase, creating an account, or interacting with us via customer service.
3. Categories of Personal Data We Process
We may collect and process the following categories of personal data, as applicable to your interaction with our services:
a) Usage Data
Includes your IP address, browser type and version, pages visited, time spent on pages, navigation paths, and information about the timing, frequency, and other behavioral interaction with glamgreats.com.
b) Account Data
Includes your name, billing and shipping addresses, email address, account credentials, and phone number. This data is collected when you register an account or make a purchase on the Site.
c) Profile Data
Includes demographic details, past purchases, product preferences, wish lists, saved items, and browsing behavior related to our products.
d) Communication Data
Includes records and content from customer support inquiries, emails, chat transcripts, and other communications exchanged between you and our support team.
e) Technical Data
Includes device identifiers, operating system version, platform data, screen resolution, mobile carrier, language settings, and system configurations captured as you interact with the Site.
f) Transaction Data
Includes information related to purchases, such as payment method (processed securely via third-party providers), transaction amount, order history, shipping tracking, and billing details.
g) Preference Data
Includes your preferences for marketing communications, subscription choices, and expressed interests in specific product categories.
4. Legal Bases for Processing Personal Data
We process your personal data under the following legal grounds:
– To fulfill our contractual obligations (Art. 6(1)(b) GDPR) when delivering products and providing services you request;
– Based on your consent (Art. 6(1)(a) GDPR), particularly for marketing, cookies, or participation in surveys;
– To comply with legal obligations (Art. 6(1)(c) GDPR), such as maintaining accounting records or responding to lawful requests;
– Pursuant to our legitimate interests (Art. 6(1)(f) GDPR) in enhancing our services, fraud prevention, analytics, and direct marketing (subject to opt-out rights).
Under the CCPA, we do not sell personal information and will not do so without your prior, express consent.
5. Your Rights
Subject to applicable data protection laws, you have the following rights with respect to your personal data:
– Right of Access: Request details of the personal data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your data where legally permitted.
– Right to Restriction: Request limitation of processing under certain circumstances.
– Right to Data Portability: Receive your provided data in a structured, commonly used, and machine-readable format or have it transferred to another controller.
– Right to Object: Object to specific data uses, including direct marketing and profiling.
– Right to Withdraw Consent: At any time where processing is based on consent.
California residents may also request:
– Disclosure of categories and specific items of personal information we collect;
– Deletion of personal information (subject to exemptions);
– Information about how we handle personal data;
– The ability to opt out of the selling or sharing of personal data (which we do not engage in).
You may exercise these rights by contacting our support team at [email protected].
6. Security Measures
We implement appropriate technical and organizational measures designed to protect your personal data from unauthorized access, alteration, disclosure, or destruction, including:
– Secure socket layer (SSL) encryption during data transmission;
– Role-based access controls and multi-factor authentication for administrative access;
– Routine data backups and secure storage protocols;
– Regular staff training and data protection awareness programs;
– Regular audits and vulnerability assessments of our environment.
7. International Data Transfers
If your personal data is transferred outside of the European Economic Area (EEA), we ensure an adequate level of protection by employing mechanisms such as:
– Standard Contractual Clauses approved by the European Commission;
– Transfers to jurisdictions recognized by the European Commission as offering an adequate level of data protection;
– Privacy commitments consistent with applicable international standards.
8. Data Retention
We retain personal data for only as long as necessary to fulfill the purposes for which it was collected, including:
– Account and Profile Data: Retained until account deletion or 24 months after last user activity;
– Transaction Data: Retained for 7 years for tax and audit purposes;
– Usage and Technical Data: Retained for up to 24 months for analytics and performance enhancement;
– Communication Data: Retained for 36 months to respond adequately to queries and potential disputes;
– Preference and Consent Data: Retained until preferences are altered or consent is withdrawn.
When data is no longer required, we delete, anonymize, or securely archive it in accordance with legal obligations.
9. Cookie Policy
Our website uses cookies and similar technologies to enhance your browsing experience. Cookies fall into the following categories:
– Essential Cookies: Necessary for website functionality, such as shopping cart management, user authentication, and secure login.
– Functional Cookies: Enable tailored features such as remembering preferences or previously viewed items.
– Analytics Cookies: Assist in understanding how users interact with glamgreats.com, enabling us to improve performance (e.g., via Google Analytics).
– Performance Cookies: Collect aggregated data to assess website features, load times, and navigation paths.
10. Managing Cookies and Consent
When you visit glamgreats.com, you are presented with a cookie consent banner. You may:
– Accept or reject non-essential cookies;
– Customize your preferences via our cookie management settings;
– Modify or revoke consent at any time through your browser or by clearing stored cookies.
We honor Do Not Track (DNT) signals and comply with opt-out mechanisms under the CCPA for California residents.
11. Children’s Privacy
Our Site and services are not directed to children under the age of 13. We do not knowingly collect or solicit personal data from anyone under 13 years of age. If we become aware that we have inadvertently collected such data, we will promptly delete it. Parents or legal guardians who believe their child has provided us with data may contact us at [email protected].
12. Policy Updates
We reserve the right to amend this Privacy Policy as necessary to reflect changes in regulatory requirements, business operations, or practices. Users will be notified of material changes via email, website banner, or other appropriate mechanisms. Continued use of the Site indicates acceptance of the revised policy.
13. Contacting Glam Greats
If you have any questions regarding this Privacy Policy, your rights, or how we process your personal data, please contact us at:
Email: [email protected]
Website: https://glamgreats.com
We take your privacy seriously and are committed to regulatory compliance and transparent data practices.