Privacy Policy for OnlyOneMommy.com
1. Introduction
At OnlyOneMommy.com, we are committed to protecting your privacy and ensuring the security of your personal data. We acknowledge the importance of transparency and data protection, and we strive to handle all information in compliance with applicable privacy regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you use our website and services.
2. Scope of This Policy and Role as Data Controller
This Privacy Policy applies to all users and visitors of the website OnlyOneMommy.com (hereafter, the “Website”), including all services and content offered therein. For the purpose of GDPR and other applicable data protection legislation, OnlyOneMommy.com acts as the “Data Controller,” meaning we determine the purposes and methods of processing your personal data.
3. Categories of Data We Process
We may collect and process the following categories of personal data:
a. Usage Data
Includes information about how you use our Website, such as your IP address, browser type, access dates and times, visited pages, referring URLs, session duration, and geographical location.
b. Account Data
Includes information provided when creating an account or subscribing to our services, such as your name, email address, billing and mailing address, and phone number.
c. Profile Data
Includes preferences, purchase history, behavioral trends on the Website, and personalization settings.
d. Communication Data
Includes records of any support requests, inquiries, or correspondence you initiate with us, including messages sent via contact forms or email.
e. Technical Data
Includes device type, operating system, system configurations, internet service provider details, and browser plug-in types and versions.
f. Transaction Data
Includes information relating to any transactions conducted through the Website, including product selections, payment method, and shipping or delivery information.
g. Preference Data
Includes your marketing and communication preferences, interests related to our products and services, and opt-in or opt-out choices.
4. Legal Bases for Processing
We process personal data only when permitted by law. Our legal bases include:
– Consent: When you provide clear and informed consent for specific uses of your data.
– Contractual Necessity: When processing is necessary for the performance of a contract with you (e.g., fulfilling an order).
– Legal Obligations: When processing is required for compliance with a legal obligation.
– Legitimate Interests: When processing supports our legitimate business interests, provided such interests are not overridden by your rights and freedoms.
5. Your Rights
Pursuant to GDPR and applicable privacy laws, you have the following rights:
– Right of Access: You can request access to your personal data we hold.
– Right of Rectification: You may request correction of inaccurate or incomplete data.
– Right to Erasure: You may request deletion of your personal data, subject to legal retention obligations.
– Right to Restrict Processing: You may request temporary suspension of data processing.
– Right to Data Portability: You can obtain and reuse your data in a machine-readable format.
– Right to Object: You can object to processing where we rely on legitimate interests or direct marketing.
– Right to Withdraw Consent: At any time where consent was the lawful basis for processing.
6. Security Measures
We implement robust technical and organizational security measures to protect your data, including:
– Encryption of sensitive data at rest and in transit.
– Strict access controls to prevent unauthorized access.
– Routine system and software updates to patch known vulnerabilities.
– Regular backups and disaster recovery protocols.
– Staff training in secure data handling and cybersecurity awareness.
7. International Data Transfers
If your data is transferred outside of your jurisdiction (including outside the European Economic Area), such transfers will be conducted in compliance with GDPR standards, incorporating appropriate safeguards such as:
– Standard Contractual Clauses (SCCs) adopted by the European Commission.
– Transfer to jurisdictions expressly recognized as providing adequate data protection.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as mandated by legal and regulatory requirements. Below are general guidelines:
– Usage and Technical Data: Retained for up to 26 months for analytics purposes.
– Account and Profile Data: Retained while your account is active or pending transaction history review.
– Transaction Data: Retained for up to 7 years to comply with tax and financial regulations.
– Communication Data: Retained for a minimum of 2 years to support customer service and compliance.
– Preference Data: Retained until consent is withdrawn or the user unsubscribes.
9. Cookie Policy
Our Website uses cookies and similar tracking technologies to enhance functionality and user experience. These include:
– Essential Cookies: Necessary for website operation (e.g., site navigation).
– Functional Cookies: Store user preferences and enable customized experiences.
– Analytics Cookies: Help us understand how users interact with our Website (e.g., Google Analytics).
– Performance Cookies: Optimize website performance and loading behavior.
10. Cookie Management and Compliance
In compliance with GDPR and CCPA, we offer clear notice and obtain user consent for the use of non-essential cookies. You can manage your cookie preferences through our cookie banner and browser settings. Opting out of certain cookies may affect the full functionality of the Website. California residents may exercise “Do Not Sell or Share My Personal Information” rights in accordance with CCPA regulations.
11. Children’s Privacy
Protecting children’s privacy is of paramount importance. The Website is not intended for use by individuals under the age of 13, and we do not knowingly collect personal information from children. If we discover that data from an individual under the age of 13 has been inadvertently collected, we will delete such data promptly upon notification or discovery.
12. Policy Updates
This Privacy Policy may be updated periodically in order to reflect changes in our practices or legal obligations. You are encouraged to review this page regularly. Material changes may be communicated directly to registered users through email or on-site notifications.
13. Contact Us
If you have any questions, concerns, or requests relating to this Privacy Policy or the handling of your personal data, please contact us:
Email: [email protected]
Website: https://onlyonemommy.com
We take all privacy inquiries seriously and are committed to resolving them promptly in accordance with applicable laws.
We value your trust and are committed to maintaining your privacy. OnlyOneMommy.com operates in full compliance with GDPR, CCPA, and applicable data protection regulations. Please contact us with any privacy-related questions or concerns.