Privacy Policy

Privacy Policy for Satsuma-Pumpkin.com

1. Introduction

Satsuma-Pumpkin.com (“we”, “us”, “our”) is committed to respecting and protecting your privacy. We understand the importance of safeguarding your personal data and maintaining your trust. This Privacy Policy outlines the categories of personal information we collect from users, how we use and protect that information, and your rights under applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all users and visitors of the website located at satsuma-pumpkin.com (the “Site”). For the purposes of GDPR, the data controller responsible for the processing of your personal data is Satsuma-Pumpkin.com. If you have any questions or concerns regarding the processing of your personal information, you may contact us at [email protected].

3. Categories of Data Processed

We may collect, use, store, and transfer various categories of personal data:

a. Usage Data
Information about how you use the Site, such as your IP address, browser type and version, time zone setting and location, browser plug-in types, operating system, referral URLs, page views, session duration, and navigation paths.

b. Account Data
Data you provide when creating an account, including your full name, billing and shipping addresses, email address, and telephone number.

c. Profile Data
Data related to your preferences, purchase history, browsing behavior, Wishlist items, and saved settings on the Site.

d. Communication Data
Any correspondence you send to us, including support inquiries, emails, chat transcripts, and messages sent via contact forms.

e. Technical Data
Device identifiers, system configuration, access timestamps, and diagnostic data collected to assure compatibility and optimal function of the Site.

f. Transaction Data
Details of purchases and orders, payment methods used, delivery tracking, and invoicing records.

g. Preference Data
Choices regarding marketing communication, product categories of interest, and notification preferences.

4. Legal Bases for Processing

We rely on the following legal bases under the GDPR for processing personal data:

– Performance of a contract: to fulfill orders, deliver services, and manage your account.
– Consent: for optional marketing communications, use of non-essential cookies, and preference tracking.
– Legitimate interest: to improve our services, prevent fraud, and ensure Site security.
– Legal obligation: to comply with applicable laws and regulations.

For residents of California, we disclose and process personal data as defined by the CCPA within the permitted purposes and in accordance with your rights.

5. Your Rights

Under the GDPR and CCPA, you have the following data subject rights:

– Right of Access: You may request to receive a copy of your personal data that we hold.
– Right of Rectification: You may request correction of incomplete or inaccurate information.
– Right to Erasure (“Right to be Forgotten”): You may ask us to delete your personal data.
– Right to Restrict Processing: You may request limitations on how your data is used.
– Right to Data Portability: You are entitled to receive your personal data in a portable format.
– Right to Object: You can object to processing based on legitimate interests, direct marketing, or automated processing decisions.
– Right not to be discriminated against: CCPA provides consumers with the right to non-discriminatory treatment in exercising their rights.

To exercise any of these rights, please contact us at [email protected].

6. Security Measures

We implement industry-standard security measures to safeguard your personal data, including:

– Encryption of sensitive information during transmission using SSL/TLS technology.
– Role-based access control for internal staff and administrators.
– Comprehensive regular backups of data and secure storage practices.
– Ongoing staff training on data protection responsibilities.
– Auditing and monitoring to detect unauthorized activity.

7. International Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA) or your country of residence. In such cases, we ensure appropriate safeguards are in place, including the use of European Commission-approved Standard Contractual Clauses (SCCs) and adherence to applicable regional data protection standards.

8. Data Retention

We retain your personal data only for as long as necessary for the purposes described in this Policy:

– Usage and Technical Data: up to 12 months for analytics purposes.
– Account and Profile Data: retained for as long as your account remains active.
– Transaction and Communication Data: retained up to 7 years to comply with legal and fiscal obligations.
– Preference Data: retained until you update or revoke your choices.

We periodically review the data we hold and securely delete or anonymize data no longer required.

9. Cookie Policy

Satsuma-Pumpkin.com uses cookies and similar technologies to improve user experience. Cookies we use include:

– Essential Cookies: Required for the Site to function properly (e.g., session cookies, authentication).
– Functional Cookies: Enable personalization, saved preferences, and live chats.
– Analytics Cookies: Help us understand how visitors interact with our site (e.g., Google Analytics).
– Performance Cookies: Track site performance, load time, and usage metrics.

These cookies may be first-party or third-party and may remain on your device for varying durations.

10. Cookie Management & Compliance

You have the right to control the use of cookies. Upon first visit to the Site, you will be presented with a cookie consent banner in accordance with GDPR and CCPA. You may:

– Accept or reject non-essential cookies.
– Configure settings in your browser to refuse or delete cookies.
– Access the “Cookie Settings” link in our website footer at any time to modify your preferences.

We honor Global Privacy Control signals when received from supported browsers to the extent required by applicable law.

11. Protection of Children’s Data

Our services are not directed to individuals under the age of 13. We do not knowingly collect personal data from children under 13. If you believe that we have inadvertently collected such data, please contact us at [email protected] so that we may promptly delete the information.

12. Policy Updates & User Notifications

We reserve the right to revise this Privacy Policy at any time to reflect changes in law, technology, or our practices. Material changes will be prominently posted on the Site and, where required by law, notified directly via email or a banner notification. We encourage you to review this Policy regularly for updates.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:

Email: [email protected]
Website: www.satsuma-pumpkin.com

We are committed to compliance with GDPR, CCPA, and other applicable privacy laws and are dedicated to resolving all privacy-related concerns in a timely and transparent manner.