Privacy Policy for SadlyBroke.com
1. Introduction
At SadlyBroke.com (“we”, “us”, or “our”), your privacy is a priority. We are committed to protecting the personal data of our visitors, customers, and users (“you”) and handling it in a lawful, fair, and transparent manner. This Privacy Policy outlines how we collect, use, disclose, store, and protect your personal information in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable privacy laws. We value your trust, and we uphold the highest standards of data privacy by design and default.
2. Scope of Policy and Data Controller
This Privacy Policy applies to all personal data collected through your interaction with the website sadlybroke.com and associated services. SadlyBroke.com is the data controller for personal data processed under this Policy, meaning we determine the purposes and means of processing your information. By using our website or services, you acknowledge the practices described below.
3. Categories of Data Processed
We may collect and process the following categories of personal data:
a) Usage Data
Information about how you interact with our website, including which pages you visit, your IP address, browser type, operating system, session duration, time zone settings, and other diagnostic data.
b) Account Data
Includes personal details you provide upon registration or account creation such as your full name, residential or billing address, email address, and contact phone number.
c) Profile Data
Information related to your preferences, user settings, past purchases, wishlist items, shopping behavior, browsing interests, and communication preferences.
d) Communication Data
Includes the content and metadata of communications exchanged with us, such as emails, live chat history, support tickets, and contact form submissions.
e) Technical Data
Data from the devices you use to interact with our services, including device identifiers, hardware models, operating system version, browser plugins, mobile network and system configuration.
f) Transaction Data
Information related to purchases or financial transactions made via sadlybroke.com, which may include payment details (processed via third-party providers), shipping addresses, and order history.
g) Preference Data
Includes your choices regarding marketing communications, newsletter subscriptions, in-site notifications, product alerts, and campaign participation.
4. Legal Bases for Processing
Your personal data is processed lawfully under one or more of the following legal grounds under GDPR:
– Consent: When you freely provide your information and consent to certain data uses, such as newsletter subscriptions or promotional updates.
– Contractual Necessity: Where processing is necessary to fulfill our contractual obligations to you—for example, when processing orders or account registration.
– Legitimate Interests: To pursue our commercial interests, such as improving user experience, fraud prevention, and securing our services, provided your fundamental rights do not override these interests.
– Legal Obligation: In cases where we are required to comply with applicable laws and regulations.
Under the CCPA, we do not sell your personal data. We use it solely for the business purposes outlined in this Policy.
5. Your Rights
In accordance with GDPR, California law, and other applicable frameworks, you have the following rights over your personal data:
– Right to Access: You may request a copy of the personal data we hold about you.
– Right to Rectification: You are entitled to request correction of inaccurate or incomplete data.
– Right to Erasure: You may request deletion of your data in certain situations (commonly referred to as the “right to be forgotten”).
– Right to Restrict Processing: You can ask us to limit the processing of your data under specific circumstances.
– Right to Data Portability: You have the right to request your data in a structured, commonly used format and transfer it to a third party.
– Right to Object: You may object to data processing based on legitimate interests or for direct marketing.
To exercise these rights, please email us at [email protected]. We may request verification of identity before processing your request.
6. Security Measures
We have implemented robust technical and organizational security measures to protect your personal data against unauthorized access, modification, or loss. Our safeguards include but are not limited to:
– HTTPS encryption across all data transmissions
– Secure firewalls and intrusion detection systems
– Access controls and authentication protocols
– Encrypted data storage when applicable
– Regular data backups and disaster recovery practices
– Staff training on data protection obligations
Despite our efforts, no system is entirely immune to risks. Therefore, we continuously assess and enhance our security framework.
7. International Transfers
Where your personal data is transferred outside the European Economic Area (EEA) or other regulated jurisdictions (e.g., to service providers located in the United States), we ensure such transfers are protected by appropriate safeguards. These may include:
– Standard Contractual Clauses issued by the European Commission
– Binding corporate rules of our processors
– Adequacy decisions issued by the European Commission recognizing the recipient country’s data protection regime
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, as outlined in this Policy, or to comply with legal obligations. General retention periods include:
– Usage and Technical Data: up to 12 months
– Account and Profile Data: as long as the account remains active or up to 5 years after deactivation
– Communication Data: up to 3 years from the last user interaction
– Transaction Data: retained for 6–10 years for financial recordkeeping
– Consent and Preference Data: until consent is withdrawn or updated
Upon expiration of retention periods, data is securely deleted or anonymized.
9. Cookie Policy
SadlyBroke.com uses cookies and similar tracking technologies to enhance user experience, analyze site performance, and provide personalized content. Types of cookies used include:
– Essential Cookies: Required for website functionality, such as login authentication, shopping cart operations, and security.
– Functional Cookies: Enable personalization features like language preferences and saved settings.
– Analytics Cookies: Collect anonymous statistics on site usage to help us improve service quality, using tools such as Google Analytics.
– Performance Cookies: Improve the speed and responsiveness of our website features.
10. Cookie Management and Legal Compliance
Upon your first visit, you are presented with a cookie consent option in compliance with GDPR and CCPA. You may adjust cookie preferences at any time through our cookie manager or your browser settings. Where required, we will request explicit opt-in consent prior to storing non-essential cookies on your device.
Under CCPA, you have the right to opt out of data sharing that could be interpreted as a “sale.” We do not sell your personal data. Any data sharing with service providers (e.g., analytics platforms) is governed by compliant data processing agreements.
11. Children’s Privacy
SadlyBroke.com is not directed toward individuals under the age of 13, and we do not knowingly collect or solicit personal data from children. If we learn that we have unintentionally gathered data from a minor without verifiable parental consent, we will delete such information promptly. Parents or legal guardians may contact us at [email protected] to request data removal or clarify concerns.
12. Policy Updates and User Notification
We reserve the right to amend this Privacy Policy to reflect changes in our practices, legal requirements, or technological developments. Substantive changes will be posted on this page. Where required by law, we will notify you directly (e.g., via email or prominent site notice) before updates become effective.
We encourage you to review this Policy periodically to stay informed about how we protect your data.
13. Contact Us
If you have any questions regarding this Privacy Policy, including your rights or how your data is used, please contact us:
Email: [email protected]
Website: https://sadlybroke.com
Final Statement
SadlyBroke.com is committed to full compliance with the GDPR, CCPA, and all applicable data protection laws. We strive to handle your data with care, confidentiality, and transparency. For any privacy-related requests, please reach out to [email protected].