Privacy Policy
1. Introduction
At Giggle Harbor (“we”, “us”, or “our”), accessible via giggleharbor.com (the “Website”), we are committed to processing personal data in accordance with applicable data protection and privacy laws, including the General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”) and the California Consumer Privacy Act (“CCPA”). We recognize the importance of safeguarding your personal information and are dedicated to maintaining your trust by handling your data with transparency, integrity, and respect.
This Privacy Policy outlines how we collect, use, disclose, and protect your information when you use giggleharbor.com.
2. Scope of Policy and Role of Data Controller
This Privacy Policy applies to all visitors, users, and others who access or interact with the Website. Giggle Harbor is the data controller for purposes of applicable data protection laws. This means we are responsible for determining how your personal data is collected, used, and protected.
If you are a resident of the EU, UK, or California, additional regulations may apply as described further herein.
3. Categories of Data Processed
We may collect and process the following categories of personal data:
– Usage Data: Information about your interaction with the Website, including IP address, browser type, browsing behavior, pages visited, time spent, referring URLs, and session information.
– Account Data: When creating an account or placing an order, we may collect personal identifiers such as your full name, address, email address, and phone number.
– Profile Data: Includes preferences, purchase history, wish lists, browsing habits, saved items, and content interactions.
– Communication Data: Records of communications made through our customer support systems, email correspondence, or feedback forms.
– Technical Data: Includes device type, operating system, software version, screen resolution, network type, and system configuration data.
– Transaction Data: Information related to transactions made through the Website, including billing address, shipping address, payment method (note: financial data is processed by third parties and not stored directly), and order history.
– Preference Data: Data regarding your marketing preferences, communication consent, and indicated interests in products or services.
We may combine these data types for the purposes stated below, providing you with a more tailored and secure user experience.
4. Legal Bases for Processing
We rely on the following legal grounds for processing your data:
– Consent: When you provide explicit permission (e.g., email opt-ins or cookie consents).
– Contractual Necessity: Where processing is necessary to fulfill our contractual obligations to you, such as order fulfillment or customer support.
– Legitimate Interests: We may process data to operate giggleharbor.com efficiently, enhance user experience, and prevent fraud or abuse, provided such interests are not overridden by your rights.
– Legal Obligations: To comply with applicable legal requirements, including tax and accounting obligations.
5. Your Rights
You are entitled to the following rights concerning your personal data:
– Right of Access: To request details about the personal data we hold about you.
– Right to Rectification: To correct inaccurate or incomplete data.
– Right to Erasure: To request deletion of your data, subject to legal obligations.
– Right to Restriction: To request a restriction on processing under certain circumstances.
– Right to Data Portability: To receive your personal data in a structured, machine-readable format and transmit it to another controller, where technically feasible.
To exercise any of the above rights, please contact us at [email protected]. We will respond in accordance with applicable laws.
6. Security Measures
To safeguard your personal data, we have implemented robust security protocols, including:
– End-to-end encryption for data transmitted via our Website.
– Role-based access controls and authentication protocols for internal systems.
– Regular system backups and resilience testing.
– Ongoing employee training in data protection, privacy, and cybersecurity.
While we strive to protect your data, no transmission over the internet is entirely secure. Therefore, we cannot guarantee absolute security.
7. International Transfers
If your data is transferred outside of your home jurisdiction, including from the European Economic Area (EEA) or the United Kingdom, we ensure appropriate safeguards are in place. These may include:
– Standard Contractual Clauses approved by the European Commission and UK Information Commissioner’s Office.
– Data Processing Agreements with third-party processors and international partners.
These measures are taken to ensure your data is afforded an adequate level of protection, regardless of location.
8. Data Retention
We retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including:
– Account Data: retained for the duration of the account and up to 5 years following inactivity.
– Transaction Data: retained for 7 years for legal and tax records.
– Communication Data: retained for up to 3 years.
– Technical and Usage Data: retained for up to 2 years for analytics and performance improvements.
– Consent and Preference Data: retained for as long as consent is valid or until revoked.
9. Cookie Policy
We use cookies and similar tracking technologies on giggleharbor.com to improve functionality, personalize content, and analyze Website usage.
The types of cookies we use include:
– Essential Cookies: Necessary for the Website to function properly (e.g., session persistence, cart functionality).
– Functional Cookies: Remember your preferences and choices (e.g., language, location).
– Analytics Cookies: Collect data to help us understand how users interact with the Website (e.g., Google Analytics).
– Performance Cookies: Used to monitor Website performance and diagnose issues.
10. Cookie Management and Compliance
You can control or disable cookies through your browser settings. On your first visit, giggleharbor.com provides a consent banner as required under GDPR and CCPA, allowing users to opt in to non-essential cookies.
CCPA residents may also request to opt out of the “sale” of their personal data (note: we do not sell your data within the meaning of CCPA). To exercise this right or manage cookie preferences, visit our Cookie Preferences page or email us at [email protected].
11. Children’s Privacy
giggleharbor.com is not directed to children under the age of 13, and we do not knowingly collect information from minors without verifiable parental consent. If we become aware of such data being collected inadvertently, we will promptly delete it from our records.
If you believe we have collected personal data from a child under 13, please contact us at [email protected].
12. Policy Updates and Notifications
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal obligations, or for other operational reasons. Material changes will be communicated via a banner on our Website or via direct notification when appropriate.
Continued use of giggleharbor.com after such updates constitutes acceptance of the revised policy.
13. Contact Us
If you have any questions, concerns, or would like to exercise your data rights, please contact us at:
Email: [email protected]
We are committed to addressing all privacy-related inquiries with care and in accordance with applicable legal guidelines.
At Giggle Harbor, we are firmly committed to data privacy compliance and transparency. For any concerns regarding how your personal data is handled, please do not hesitate to reach out to us at [email protected].