Privacy Policy
1. Introduction
At MA Whitfield (“we,” “us,” or “our”), accessible via mawhitfield.com, we are committed to protecting your privacy and upholding the highest standards of data protection and confidentiality. This Privacy Policy outlines how we collect, use, store, and share your personal information when you interact with our website, products, and services. We are dedicated to processing personal data in accordance with applicable privacy regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), with a strong emphasis on transparency, accountability, and respect for individual rights.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users and visitors of mawhitfield.com and governs the processing of personal data collected through the website or related services. MA Whitfield acts as the Data Controller for the personal information you submit or that we collect when you interact with our platform. Our role as Data Controller means we determine the purposes and means of processing your personal data in a lawful and responsible manner.
3. Categories of Data Processed
We collect and process various categories of personal data depending on your interaction with our services:
a) Usage Data
Includes information about your visit and behavior on our website, such as IP address, browser type and version, time zone setting, pages visited, time spent on pages, referrer URL, and site navigation patterns.
b) Account Data
Information you provide when creating an account or making a purchase, including full name, billing and shipping address, email address, telephone number, and other identifying information.
c) Profile Data
Includes user preferences, interests, feedback, purchase history, survey responses, or behavioral patterns based on your interactions with our site and services.
d) Communication Data
Records of correspondence with us, such as customer service inquiries, support requests, emails, and other communication logs.
e) Technical Data
Details about your device(s) and equipment used to access mawhitfield.com, including operating system, network configuration, server logs, browser plug-in types, languages, and mobile network information.
f) Transaction Data
Details of the products or services you have purchased from us, including payment information (handled by third-party processors), delivery address, billing preferences, and order history.
g) Preference Data
Your marketing communication choices, product interests, and consent or refusal to receive promotional material.
4. Legal Bases for Processing Personal Data
We only process personal data when we have a valid legal basis under the GDPR or CCPA. These bases include:
– Consent: Where you have given clear permission for us to process your data for specific purposes, such as subscribing to a newsletter.
– Contract Performance: Where processing is necessary for the performance of a contract (e.g., fulfilling an order you’ve placed).
– Legal Obligation: When we are required to comply with legal or regulatory obligations.
– Legitimate Interests: Where processing is necessary for our legitimate business operations, and does not override your privacy rights (e.g., analytics, fraud prevention, improving services).
5. Your Rights
You have the following rights regarding your personal data:
– Right of Access: Obtain confirmation as to whether we are processing your personal data and access a copy of that data.
– Right to Rectification: Request corrections to inaccurate or incomplete data.
– Right to Erasure: Request deletion of your personal data when it is no longer necessary or if you withdraw consent.
– Right to Restriction: Request that we limit the processing of your data under certain conditions.
– Right to Data Portability: Receive your data in a structured, commonly used, machine-readable format and transfer it to another controller.
– Right to Object: Object to the use of your data for direct marketing or where processing is based on legitimate interests.
– Right Under CCPA (California Residents): Request disclosure of the categories and specific pieces of personal information we collect, the purpose, and any third parties with whom the data is shared. You also have the right to request deletion of your data and to opt out of the sale of personal information. We do not sell personal data.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement robust technical and organizational measures to ensure the security and confidentiality of your personal data, including:
– Encryption of personal data in transit and at rest.
– Role-based access controls limiting access to authorized personnel only.
– Regular data backups and disaster recovery protocols.
– Mandatory privacy and security training for staff handling personal information.
7. International Data Transfers
Where necessary, personal data may be transferred to and processed in countries outside your jurisdiction. Any such transfer will be conducted in compliance with GDPR and relevant data protection laws. We use Standard Contractual Clauses and implement additional safeguards where needed to ensure the protection of personal data transferred internationally.
8. Data Retention
We retain your personal data for as long as necessary to fulfill the purposes set out in this Privacy Policy. Retention periods by category include:
– Usage & Technical Data: Retained for up to 24 months for analytical purposes.
– Account & Transaction Data: Retained for up to 7 years for tax, accounting, and legal obligations.
– Communication Data: Retained for 3 years to resolve disputes and improve customer service.
– Profile & Preference Data: Retained while your account is active or until you withdraw consent.
Once the applicable retention period has elapsed, data will be securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar technologies on mawhitfield.com to enhance your experience, analyze traffic, and enable essential functions. Our use of cookies falls into the following categories:
– Essential Cookies: Required for the website to function properly, such as navigating pages or accessing secure areas.
– Functional Cookies: Help remember user settings and preferences to improve usability.
– Analytical Cookies: Collect aggregate data on website usage to help us improve performance and design.
– Performance Cookies: Monitor site responsiveness and load speeds.
10. Cookie Management & Compliance
Visitors to mawhitfield.com are provided with a cookie consent banner upon their first visit. You may accept or reject non-essential cookies via that banner or by adjusting your browser settings. We respect “Do Not Track” signals and provide recognizable opt-in and opt-out mechanisms in compliance with GDPR and CCPA standards.
For a detailed list of the cookies we use and their purposes, or to update your preferences, please contact us at [email protected].
11. Special Protections for Children
We are deeply committed to protecting the privacy of children. mawhitfield.com is not directed toward individuals under the age of 13. We do not knowingly collect personal data from children under 13. If we become aware that such data has been collected inadvertently, we will delete it promptly.
12. Policy Updates
We may revise this Privacy Policy from time to time to reflect operational, legal, or regulatory changes. Revised policies will be posted prominently on mawhitfield.com. While we may notify you of material changes via email or other communication channels, we encourage you to review this policy periodically to stay informed of our privacy practices.
13. Contact Information
If you have questions, concerns, or wish to exercise your privacy rights, please contact us at:
MA Whitfield
Email: [email protected]
Website: mawhitfield.com
We are fully committed to compliance with GDPR, CCPA, and all applicable data protection laws. Your privacy matters to us—please do not hesitate to reach out with any data protection inquiries or concerns.