Privacy Policy
1. Introduction
At Fairytale Puppets (accessible at fairytale-puppets.com), we are committed to respecting your privacy and safeguarding your personal data. We recognize the importance of transparency and accountability in how we collect, use, and protect your information. This Privacy Policy outlines our data-handling practices and demonstrates our dedication to complying with all applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), among others. Your trust is important to us, and we strive to handle your personal information with care and integrity.
2. Scope and Data Controller
This Privacy Policy applies to all users and visitors of fairytale-puppets.com, including customers, prospective customers, newsletter subscribers, and website guests. For purposes of applicable data protection law, the data controller responsible for your personal data is Fairytale Puppets, and any inquiries regarding this policy or your data can be directed to [email protected].
This Policy covers all processing activities conducted through our website and associated services.
3. Categories of Data We Process
We collect and process various categories of personal data, depending on your interactions with our site and services:
a. Usage Data
Information related to how you use our website, such as IP address, browser type, operating system, browsing behavior, session data, and referring URLs.
b. Account Data
Information provided by you to create and manage a user account, including your name, email address, phone number, and postal address.
c. Profile Data
Information about your preferences, purchase history, browsing behavior, wish lists, and other behavior captured to personalize your experience.
d. Communication Data
Records of your communications with us, including customer support inquiries, service feedback, and correspondence through email or on-site forms.
e. Technical Data
Device identifiers, system configuration presets, device type, time zone setting, operating system, and hardware/software version details.
f. Transaction Data
Details associated with purchases made on our website, including items ordered, delivery instructions, payment information (processed via third-party payment processors), order history, and transactional communications.
g. Preference Data
Marketing preferences, product interest indications, opt-in/opt-out status for campaigns, and customer survey responses.
4. Legal Bases for Processing
We rely on the following legal bases to process your personal data lawfully:
– Contractual necessity: To fulfill our obligations under service agreements, including order processing and account management.
– Legitimate interests: To analyze, improve, and secure our services, provided that these interests are not overridden by your rights.
– Consent: Where we obtain your voluntary consent, such as for marketing emails or optional cookies.
– Legal obligations: Where processing is necessary for compliance with applicable legal requirements.
5. Your Data Protection Rights
As a data subject, you have various rights under applicable data protection laws, including:
– Right of access: You may request a copy of the personal data we hold about you.
– Right to rectification: You are entitled to request corrections to any inaccurate or incomplete data.
– Right to erasure: Subject to applicable conditions, you may request the deletion of your data (“right to be forgotten”).
– Right to restrict processing: You may request the restriction of processing under certain circumstances.
– Right to data portability: You may request to have your data transferred to another service provider in a structured, commonly used format.
– Right to object: You may object to the processing of your data where we rely on legitimate interests or direct marketing purposes.
To exercise your rights, please contact us at [email protected].
6. Security Measures
We have implemented industry-standard technical and organizational security measures to protect your personal data, including:
– Encryption of data in transit and at rest
– Access controls and user authentication for systems
– Regular security training for employees
– Routine data backups and secure server environments
– Monitoring for unauthorized access and vulnerabilities
7. International Transfers
Your data may be transferred to and processed in countries outside of your country of residence, including jurisdictions that may not provide the same level of data protection. When we do so, we use legally approved mechanisms such as the European Commission’s Standard Contractual Clauses or rely on adequacy decisions where applicable. We take appropriate safeguards to ensure your data remains protected throughout any such transfer.
8. Data Retention
We retain your personal data only for as long as it is necessary to fulfill the purposes outlined in this Privacy Policy or comply with legal, regulatory, or contractual obligations. Retention periods vary by data type:
– Account and Profile Data: Retained for the life of your account and deleted upon request or after inactivity.
– Transaction Data: Retained for 7 years for tax, audit, and legal compliance.
– Usage and Technical Data: Retained for up to 12 months for analytics and system integrity purposes.
– Communication Data: Retained for 2 years from last contact.
– Preference Data: Retained until consent is withdrawn or unsubscribed.
9. Cookie Policy
We use cookies and other similar technologies to enhance your experience on fairytale-puppets.com. Cookies are small data files stored on your device used to:
– Ensure the website functions correctly (Essential Cookies)
– Remember user preferences and enhance personalization (Functional Cookies)
– Monitor site performance and detect usability issues (Performance Cookies)
– Analyze user behavior and improve services (Analytics Cookies)
We also use third-party services for analytics and marketing that may set cookies subject to their own privacy policies.
10. Cookie Management & Compliance
You have control over your cookie preferences. Upon your first visit to our website, a cookie banner will display, allowing you to accept, reject, or customize cookies. You can modify your consent at any time via the on-site cookie settings menu. We honor both GDPR and CCPA opt-out requirements and respect Global Privacy Control signals where available.
Users under CCPA have the right to opt out of the “sale” or “sharing” of personal information. Although we do not sell personal data in the traditional sense, we provide options for users to limit the use of cookies that may constitute “sharing” under applicable law.
11. Children’s Privacy
We do not knowingly collect or solicit personal information from children under the age of 13. Users under this age must have parent or guardian consent before using our services. If we discover that a child under 13 has provided us with personal data without such consent, we will promptly delete such information.
12. Policy Updates
We may update this Privacy Policy from time to time to reflect changes in technology, legal requirements, or service offerings. Any significant changes will be communicated through our website and, where appropriate, via email notification. Continued use of fairytale-puppets.com after such changes constitutes your acceptance of the updated terms.
13. Contact Us
For questions, concerns, or requests relating to this Privacy Policy or your personal data, you may contact us at:
Email: [email protected]
We are committed to maintaining compliance with relevant privacy legislation and ensuring your personal data is handled with care. If you believe your privacy rights have been violated, we will work with you to resolve any concerns swiftly and in accordance with applicable laws.