Privacy Policy
At georgiasantafe.com (“we”, “us”, or “our”), your privacy is of paramount importance. We are committed to safeguarding the confidentiality, integrity, and availability of your personal data and ensuring full transparency regarding how your information is collected, used, disclosed, and protected. This Privacy Policy outlines our practices in compliance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws.
1. Commitment to Privacy and Data Protection
Your trust matters to us, and we uphold the highest standards of data protection and ethical information handling. We work diligently to protect your personal information and give you meaningful control over how it is used. This policy describes in detail our data processing practices and your rights as a user of georgiasantafe.com.
2. Scope of Policy and Role of Data Controller
This Privacy Policy applies to all users and visitors of georgiasantafe.com and to all personal data collected through our website, messaging platforms, or in relation to our products and services. For the purposes of data protection law, we act as the “data controller,” determining the purpose and manner in which your data is processed. If you have any questions or concerns, you may contact us at [email protected].
3. Categories of Personal Data We Process
We collect and process various categories of personal data to provide, improve, and tailor our services. The following outlines the types of data we may collect:
a) Usage Data
Includes data about your interactions with georgiasantafe.com such as IP address, browser type, browser version, pages visited, time spent on pages, dates and times of access, and other diagnostic data.
b) Account Data
Includes your full name, email address, postal address, phone number, and other identifiers when you create an account or place an order through georgiasantafe.com.
c) Profile Data
Includes data regarding your purchases, preferences, interests, feedback, product views, and browsing behavior to enhance your user experience.
d) Communication Data
Includes records of your correspondence and interaction with us, such as messages sent through contact forms, inquiries, customer support requests, and email history.
e) Technical Data
Includes data related to the device and operating system you’re using to access georgiasantafe.com, including device identifiers, browser plug-in types, and network information.
f) Transaction Data
Includes payment information (processed securely via third-party providers), purchase history, billing and shipping addresses, delivery details, and invoicing records.
g) Preference Data
Includes data indicating your consent for marketing communications, chosen communication channels, and information about your product and content preferences.
4. Legal Bases for Processing
We only process your personal data when legally permissible. The legal bases for processing include:
– Consent: where you have provided clear, affirmative consent for us to process your data for a specific purpose.
– Contract: where processing is necessary to fulfill a contract with you, such as completing a purchase.
– Legal obligation: where processing is necessary to comply with a legal requirement.
– Legitimate interests: where processing is necessary for our legitimate business interests and is not overridden by your rights and freedoms.
5. Your Rights Under GDPR and CCPA
You have a right to exercise control over your personal data. Subject to applicable law, your rights include:
– Access: Request access to your personal data and receive a copy.
– Rectification: Request correction of inaccurate or incomplete data.
– Erasure: Request deletion of your personal data, subject to certain conditions.
– Restriction: Request a limitation on how we process your data.
– Portability: Receive your data in a structured, commonly used format and transfer it to another controller.
– Objection: Object to the processing of your data under specific circumstances.
– Withdrawal of Consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing prior to withdrawal.
– Non-Discrimination: We will not discriminate against you for exercising your rights under the CCPA.
To exercise any of the rights above, you may contact us at [email protected].
6. Security Measures
We employ comprehensive security measures to protect your personal data, including:
– Encryption of traffic and stored data using industry-standard protocols
– Access control and authentication mechanisms to ensure only authorized personnel can access sensitive data
– Regular data backups to prevent data loss
– Employee training on data protection, confidentiality, and incident reporting procedures
Although no system can guarantee absolute security, we continuously assess and upgrade our security practices to align with best industry standards.
7. International Data Transfers
If you are located outside the European Union or the United States, please note that your personal data may be processed and stored in jurisdictions outside your own, including in countries that may not offer equivalent levels of data protection. In such cases, we ensure that appropriate safeguards are in place, which may include:
– Standard Contractual Clauses approved by the European Commission
– Binding Corporate Rules
– Verification of data protection frameworks (e.g. Privacy Shield alternatives where applicable)
8. Data Retention
We retain personal data only for as long as necessary for the purposes for which it was collected, as required under applicable law, or to resolve disputes and enforce our agreements. Retention periods are as follows:
– Usage Data: Up to 24 months for analytics and performance monitoring
– Account Data: For the duration of the account’s active use and up to 6 years thereafter for legal or regulatory purposes
– Transaction Data: Retained for a minimum of 6 years for compliance with taxation and financial regulations
– Communication Data: Retained for 3 years after last interaction or user request
– Preference and Profile Data: For as long as necessary for user engagement or until consent is withdrawn
9. Cookie Policy
We use cookies and similar technologies on georgiasantafe.com to improve website functionality, personalize content, and analyze browsing behavior. The types of cookies used include:
– Essential Cookies: Required for basic site functionality and security.
– Functional Cookies: Enhance user experience by remembering choices and preferences.
– Analytics Cookies: Provide aggregated data to help us understand site usage and improve performance.
– Performance Cookies: Optimize loading speeds and ensure stable user interfaces.
10. Cookie Management and Compliance
In compliance with GDPR and CCPA requirements, we provide clear choices regarding cookie usage. When you first visit georgiasantafe.com, you are presented with a cookie consent banner that allows you to manage your cookie preferences. You can also modify or withdraw your consent at any time through your browser settings or our cookie preference center.
11. Special Protections for Children Under 13
georgiasantafe.com is not intended for use by individuals under the age of 13. We do not knowingly collect or process personal data of children. If we become aware that we have inadvertently collected data from a child under 13, we will promptly delete such data. Parents or guardians with concerns about children’s data may contact us at [email protected].
12. Policy Updates and Notifications
We reserve the right to modify or update this Privacy Policy at our discretion. Changes may reflect evolving legal, technical, or business developments. Any substantial updates will be communicated through georgiasantafe.com or via email if applicable. Continued use of the site constitutes acceptance of the revised policy.
13. Contact Us
For any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:
Email: [email protected]
Website: https://georgiasantafe.com
Our team is dedicated to addressing your inquiries in accordance with your rights under applicable data protection laws.
We are committed to full compliance with GDPR, CCPA, and other relevant regulations. If you have concerns regarding how your personal data is handled, please do not hesitate to contact us—we are here to help.