Privacy Policy
RusticWander.com (“Website”, “we”, “us” or “our”) is committed to protecting and respecting your privacy. We understand the paramount importance of safeguarding personal data and are fully committed to complying with all applicable privacy regulations, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act (“CCPA”), as amended. This Privacy Policy outlines the types of personal data we collect, the purposes for which we process such data, your rights as a data subject, and how we protect your information.
1. Commitment to Privacy and Data Protection
We acknowledge your trust and are dedicated to ensuring the confidentiality and security of your personal data. Our privacy-first approach informs our operations, from how we collect data to how we store, transfer, and process it. This Privacy Policy is intended to provide transparency and control regarding your data when you interact with rusticwander.com.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all personal data collected through your use of rusticwander.com, including when you browse the Website, create an account, make a purchase, or otherwise engage with us.
Rustic Wander acts as the data controller as defined by GDPR, which means that we determine the purposes and means of processing your personal data. For California residents, Rustic Wander is also considered a “business” under the CCPA.
3. Categories of Data We Process
We collect and process various categories of personal data depending on your interactions with our Website:
– Usage Data: This includes information such as your IP address, browser type and version, referring URLs, time zone, geolocation data, pages visited, session duration, and other diagnostic data collected through cookies, log files, and analytical tools.
– Account Data: When you register an account, we collect personal data such as your full name, email address, physical address, and phone number.
– Profile Data: This encompasses your preferences, shopping behavior, wish lists, reviews, and interaction history, including which products you are interested in or have engaged with.
– Communication Data: Includes records of your communication with us (e.g., customer service chat transcripts, emails, and support tickets) for support and compliance purposes.
– Technical Data: Device identifiers, operating system, browser plug-in types and versions, screen resolution, language settings, and device configuration data.
– Transaction Data: Includes billing and shipping addresses, payment confirmations, items purchased, delivery tracking information, and method of payment (note: Rustic Wander does not store your full payment details; this data is handled by our payment processors in accordance with PCI DSS standards).
– Preference Data: Data related to your newsletter subscriptions, consent to receive marketing communications, product category interests, and user experience feedback.
4. Legal Bases for Processing
We process your personal data under the following legal bases, as applicable under GDPR:
– Consent: We rely on your explicit consent to process your data for certain marketing and personalization activities.
– Contractual Necessity: When you purchase products or request services, data processing is necessary to fulfill our contractual obligations.
– Legal Obligation: Processing takes place to satisfy statutory obligations such as tax or accounting requirements.
– Legitimate Interest: We may process data based on our legitimate interests in improving Website security, product development, fraud prevention, and customer support, provided such interests are not outweighed by your data protection rights.
Under the CCPA, we may collect, use, and disclose personal information as “business purposes” and “commercial purposes,” as defined by law.
5. Your Rights
Under applicable data protection laws, you have the following rights concerning your personal data:
– Right to Access: You can request access to the personal information we hold about you.
– Right to Rectification: You have the right to request corrections to incomplete or inaccurate data.
– Right to Erasure (“Right to Be Forgotten”): You may request that we delete your personal data, subject to our legal obligations.
– Right to Restrict Processing: You can request that we limit how your data is used in certain circumstances.
– Right to Data Portability: You may request a structured, commonly used, machine-readable copy of your personal information.
– Right to Withdraw Consent: Where processing is based on consent, you have the right to withdraw it at any time.
– California Rights: Residents of California may request information about our data disclosure practices, opt out of data “sale” (as defined under CCPA), and have the right to non-discrimination for exercising their privacy rights.
Requests can be submitted by contacting [email protected]. We may require identity verification before fulfilling your request.
6. Security Measures
We implement a comprehensive set of technical and organizational measures to protect your personal data. These include:
– End-to-end encryption for data in transit and at rest,
– Restricted access based on role-based permissions,
– Regular backups and system integrity monitoring,
– Employee training on data protection and privacy awareness.
Despite our efforts, no method of electronic transmission or storage is 100% secure. However, we maintain industry-standard practices to mitigate risks.
7. International Data Transfers
Given the global nature of the internet and certain processing services we use, your personal data may be transferred outside of the European Economic Area (EEA) or the United States. In such cases, we ensure that these transfers are subject to appropriate safeguards, including:
– Standard Contractual Clauses approved by the European Commission,
– Binding Corporate Rules of subprocessors,
– Evaluation of equivalent privacy protections.
We ensure that these protections are consistent with GDPR and applicable international laws.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes outlined in this Policy, unless a longer retention period is required by law. Specific retention periods include:
– Account Data: Retained as long as your account is active;
– Transaction Data: Stored for at least seven (7) years for tax and accounting;
– Communication Data: Retained for up to three (3) years after last interaction;
– Preference and Profile Data: Retained while consent is valid or until you opt out;
– Usage and Technical Data: Retained for analytics typically no longer than 12 months.
Once data is no longer needed, we securely delete or anonymize it.
9. Cookie Policy
We use cookies and similar technologies on rusticwander.com for the following purposes:
– Essential Cookies: Required for the functioning of the Website, including account authentication and navigation.
– Functional Cookies: Enhance personalization and remember your preferences across sessions.
– Analytics Cookies: Measure performance, traffic, and usage patterns via services like Google Analytics.
– Performance Cookies: Help identify errors and optimize design and speed.
These cookies may be set by us or third-party providers acting on our behalf.
10. Cookie Management and GDPR/CCPA Compliance
Upon your first visit to rusticwander.com, you will be prompted to accept or manage your cookie preferences. You may also control cookies through your browser settings, although disabling certain categories may affect Website functionality.
Under GDPR and CCPA, we place cookies based on your consent, except where necessary for core functions. You may withdraw consent or change preferences at any time.
California users may opt out of “selling” or sharing of their personal data, as defined under the CCPA, through our cookie consent tool or by contacting us.
11. Special Protections for Children
Rustic Wander does not knowingly collect or solicit personal data from children under the age of 13. If you are a parent or legal guardian and believe your child has provided personal data without consent, please contact us at [email protected] so we can take appropriate steps.
12. Policy Updates and Notifications
We may update this Privacy Policy to reflect changes in our practices, legal obligations, or technological advancements. Significant changes will be communicated via the Website or to your registered email address when appropriate. Users are encouraged to review this Privacy Policy periodically to stay informed.
13. Contact Us
If you have any questions about this Privacy Policy, your data, or your rights under applicable privacy laws, please contact us at:
Team Rustic Wander
Email: [email protected]
We are committed to maintaining compliance with all applicable privacy laws and ensuring that your personal data is handled securely and transparently. Please do not hesitate to reach out with any concerns.