Privacy Policy for terraceloot.com
1. Introduction
At terraceloot.com (“we”, “our”, or “us”), we are committed to protecting your privacy and ensuring the security of your personal data. We collect and process your personal information with the utmost care and in accordance with applicable privacy and data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act (“CCPA”). This Privacy Policy outlines how we collect, use, store, and share your information when you interact with our website and services.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data collected through your use of terraceloot.com, including services, features, and content accessible through the website. For the purposes of applicable data protection laws, terraceloot.com is the “data controller” of your personal information. This means that we determine the purposes and means of processing your personal data.
3. Categories of Data Processed
We collect and process the following categories of personal data:
a. Usage Data
Information about your interactions with our website, including your IP address, browser type, geographic location, operating system, referring URLs, page views, session duration, timestamps, and other diagnostic data associated with your use of terraceloot.com.
b. Account Data
Personal details provided upon registration or order placement, such as your full name, billing and shipping address, email address, and phone number.
c. Profile Data
Information related to your preferences, purchase history, browsing behavior, wishlists, and survey or contest responses.
d. Communication Data
Records of correspondence with us, including emails, contact form submissions, and support requests, alongside metadata such as date/time and response history.
e. Technical Data
Details about the devices used to access our website, including device type, hardware model, operating system version, browser settings, language, and network information.
f. Transaction Data
Information related to payments and purchases made via terraceloot.com, including order details, delivery information, and limited payment information (note: we do not store full payment card details; these are processed securely via third-party payment processors).
g. Preference Data
Data related to your consent for marketing communications, email preferences, abandoned cart reminders, and expressed interest in specific products, categories, or content.
4. Legal Bases for Processing
We process your personal data on the following legal bases, consistent with the GDPR:
– Performance of a Contract: To manage user accounts, deliver goods, fulfill orders, and provide customer support.
– Legitimate Interests: To analyze site usage, enhance user experience, detect security incidents, and send transactional communications.
– Consent: For direct marketing, non-essential cookies, newsletter subscriptions, and other processing where we obtain explicit permission.
– Compliance with a Legal Obligation: To respond to lawful requests, comply with tax and accounting obligations, and cooperate with authorities.
For users subject to the CCPA, we do not sell your personal information and only use it within the boundaries permitted by California law.
5. Your Rights
Subject to applicable laws, you retain the following rights regarding your personal data:
– Right of Access: Request confirmation of whether we process your personal data and obtain a copy.
– Right to Rectification: Request corrections to inaccurate or incomplete data.
– Right to Erasure: Request deletion of your data, subject to retention obligations.
– Right to Restriction: Request that we limit the processing of your personal data under certain circumstances.
– Right to Data Portability: Receive a copy of your data in a structured, machine-readable format and transmit it to another controller.
– Right to Object: Object to the processing of your personal data based on legitimate interests or for direct marketing purposes.
You may exercise these rights by contacting us at [email protected]. We will respond promptly and in accordance with applicable regulations.
6. Security Measures
We employ technical and organizational security measures to protect your data, including but not limited to:
– SSL/TLS encryption across all web pages handling confidential or personal data.
– Role-based access controls and secure authentication mechanisms.
– Regular security assessments and updates to our systems and software.
– Network firewalls, anti-malware protections, and secure data backups.
– Mandatory staff training in data protection and privacy, including access to sensitive data only on a need-to-know basis.
7. International Transfers
If and when we transfer personal data outside of the European Economic Area (EEA), we implement appropriate safeguards as required under the GDPR. These may include Standard Contractual Clauses (SCCs) approved by the European Commission, or transfers subject to an adequacy decision. For Californians, we ensure that any sharing of your data with third parties remains consistent with the protections provided under the CCPA.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected:
– Usage and Technical Data: Up to 24 months for analytics and diagnostics.
– Account and Communication Data: For the duration of your account or support relationship, then archived for up to 6 years to ensure legal compliance.
– Transaction and Billing Data: For at least 7 years to meet financial and legal obligations.
– Profile and Preference Data: Retained for as long as relevant to your account or until revoked.
We periodically review retention policies to ensure data is not held longer than needed.
9. Cookie Policy
Our website uses cookies and similar technologies to enhance your browsing experience. Cookies are small data files stored on your device that help us understand user behavior, deliver personalized content, and perform website analytics. We use the following types of cookies:
– Essential Cookies: Required for core site functionality, such as user authentication and shopping cart management.
– Functional Cookies: Enable enhanced features like remembering your preferences or login state.
– Analytics Cookies: Help us analyze site usage and performance through services like Google Analytics.
– Performance Cookies: Improve the load speed and responsiveness of our website under user demand.
10. Cookie Management and GDPR/CCPA Compliance
Upon your first visit to terraceloot.com, you are presented with a cookie consent banner providing options to accept or reject non-essential cookies. You may also manage your cookie settings at any time via our “Cookie Preferences” tool accessible on the website footer.
GDPR users will not have unnecessary cookies set without consent. CCPA users may exercise the right to opt out of the “sale” of personal data (although we do not sell personal data, as defined under CCPA).
11. Children’s Privacy
Our services are not intended for children under the age of 13, and we do not knowingly collect personal data from minors. If we learn that we have collected data from a child without verified parental consent, we will delete that information without undue delay. Parents or guardians who believe their child has provided us data may contact [email protected] for immediate assistance.
12. Policy Updates & Notifications
We reserve the right to modify this Privacy Policy to reflect changes in regulatory requirements or our data practices. Any material updates will be communicated via the terraceloot.com website or via email where legally required. Continued use of our site following policy changes constitutes acceptance of the revised terms.
13. Contact
If you have any questions about this Privacy Policy or wish to exercise your rights under applicable data protection laws, please reach out to us at:
Email: [email protected]
—
We are dedicated to maintaining the privacy and security of your personal data in accordance with GDPR, CCPA, and other applicable laws. For any privacy-related inquiries, you are encouraged to contact our team at the address provided above.