Privacy Policy
1. Introduction
At whoisjillscott.com (“we”, “our”, or “us”), we respect the privacy of our users and are deeply committed to protecting your personal data. This Privacy Policy outlines how we collect, process, and safeguard information obtained through our website. We adhere strictly to the principles set forth by the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws to ensure your data is handled lawfully, fairly, and with transparency.
2. Scope and Data Controller
This Privacy Policy applies to all personal data collected through the website located at https://www.whoisjillscott.com (the “Site”). The legal entity acting as the data controller responsible for your personal data is whoisjillscott.com. For any inquiries related to the processing of personal data, you may contact us at [email protected].
3. Categories of Personal Data We Process
We may process the following categories of personal information:
– Usage Data – Includes information such as your IP address, browser type and version, geographic location, referral source, length of visit, pages viewed, and site navigation paths.
– Account Data – Includes your full name, email address, telephone number, billing and shipping address, and other contact details provided at registration or checkout.
– Profile Data – Includes user preferences, interests, purchase history, behavioral tendencies, and content interactions.
– Communication Data – Includes records of email communications, support requests, feedback, responses to surveys or promotions, and correspondence history.
– Technical Data – Includes device identifiers, operating system type and version, screen resolution, browser plug-ins, mobile network information, and system configurations.
– Transaction Data – Includes details about payments submitted via the Site, order history, billing confirmations, and delivery status information.
– Preference Data – Includes your consent choices for marketing communications, product categories of interest, and notification preferences.
4. Legal Bases for Processing
We process your personal data only when there is a lawful basis to do so. These include:
– Contractual Necessity: When processing is required to fulfill a contract with you or to take steps at your request before entering into a contract (e.g., fulfilling orders or responding to inquiries).
– Consent: Where you have clearly agreed to the processing of your personal data for specific purposes (such as marketing communications). You may withdraw your consent at any time.
– Legitimate Interests: Where processing occurs for our legitimate business interests, provided that such interests are not overridden by your privacy rights (e.g., analytics, site improvement, fraud prevention).
– Legal Obligation: When processing is required to comply with a legal or regulatory obligation.
5. Your Rights
As a data subject, you are entitled to the following rights under applicable data protection laws:
– Right of Access: You have the right to obtain confirmation of whether we process your personal data and access to such data.
– Right to Rectification: You may request corrections to any inaccurate or incomplete personal data we hold about you.
– Right to Erasure (“Right to be Forgotten”): You can request the deletion of your data under specific circumstances, such as when processing is no longer necessary.
– Right to Restrict Processing: You can request restriction of processing in certain cases, such as during the verification of accuracy or in the event of unlawful processing.
– Right to Data Portability: You have the right to receive the personal data you have provided to us in a structured, commonly used format and to transmit it to another controller.
You may exercise these rights by contacting us at [email protected].
6. Security Measures
We employ industry-standard administrative, technical, and physical safeguards to secure your personal data. These include, but are not limited to, SSL encryption, role-based access control, encrypted backups, firewalls, and regular employee training regarding data protection practices. While we strive to use commercially acceptable means to protect your data, no transmission over the internet or method of electronic storage is 100% secure.
7. International Data Transfers
If we transfer personal data outside the European Economic Area (EEA), we will ensure an adequate level of protection by implementing legally recognized safeguards, such as:
– Use of Standard Contractual Clauses approved by the European Commission.
– Transfers to countries the European Commission considers as providing an adequate level of data protection.
– Binding corporate rules or certifications under recognized data protection frameworks.
Where data is transferred to the United States or other regions, we will take all reasonable legal, technical, and organizational measures to ensure the same level of protection as mandated under GDPR and CCPA.
8. Data Retention
We retain personal data only as long as necessary to fulfill the purpose for which it was collected, including to comply with legal, regulatory, tax, accounting, or reporting requirements. Specific retention periods include:
– Usage & Technical Data: up to 12 months
– Account & Transaction Data: up to 7 years (for financial reporting)
– Preference & Profile Data: up to 24 months after the last user activity
– Communication Data: up to 3 years for support or compliance purposes
Once retention periods expire, we securely erase or anonymize your information.
9. Cookie Policy
Our website uses cookies to improve user experience and analyze site performance. Categories of cookies we use include:
– Essential Cookies: Required for core functionalities such as security, user authentication, and shopping cart management.
– Functional Cookies: Enable enhanced features such as remembering user preferences and personalization settings.
– Analytics Cookies: Collect aggregated data for performance insights and to help us understand user interaction with the Site.
– Performance Cookies: Help optimize load speeds, responsiveness, and measure delivery of services.
10. Cookie Management and Compliance
When you first visit whoisjillscott.com, you are presented with a cookie banner allowing you to manage your cookie preferences. You may change or withdraw your consent at any time using the cookie settings accessible on the Site. We fully honor “Do Not Sell My Personal Information” provisions under the CCPA and offer transparency and control over tracking under GDPR. For further inquiries or requests, you may contact us at [email protected].
11. Children’s Privacy
We do not knowingly collect or solicit personal data from children under the age of 13, in compliance with the Children’s Online Privacy Protection Act (COPPA). Should we become aware that a child under 13 has provided us with personal data, we will take immediate steps to delete such information. Parents or guardians who suspect that their child may have submitted information to us are encouraged to contact us at [email protected].
12. Policy Updates
We may update this Privacy Policy from time to time to reflect changes in legal, regulatory, or operational standards. We will notify users of any material changes by posting an updated version on whoisjillscott.com and updating relevant user interfaces where appropriate. You are encouraged to review this Policy periodically to stay informed about how we protect your information.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our use of your personal data, please do not hesitate to contact us at:
Email: [email protected]
We are committed to full compliance with applicable data protection regulations and will respond to privacy-related requests within legally mandated timeframes.