Privacy Policy for peachesndream.com
At Peaches & Dream, accessible via peachesndream.com (“the Website”), we are committed to protecting your personal data and upholding your privacy rights. This Privacy Policy outlines how we collect, use, disclose, and protect your personal data in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable laws. We adopt a diligent, privacy-first approach, and your trust is of paramount importance to us.
1. Commitment to Privacy and Data Protection
Peaches & Dream values transparency and integrity in the handling of personal information. We process your data responsibly, securely, and only where necessary to provide an optimal and consistent experience across our services. Whether you are browsing our site, making a purchase, or communicating with us, we treat your data with care and respect.
2. Scope of Policy and Data Controller Role
This Privacy Policy governs the data processing conducted via the Website, and applies to all users and visitors. For the purposes of applicable data protection laws, Peaches & Dream is the “data controller” responsible for determining the purposes and means by which personal data is processed.
3. Categories of Data Processed
We collect and process different categories of personal information depending on how you interact with us, including:
– Usage Data: Information about how you use the Website, including your IP address, browser type, operating system, access times, and pages visited.
– Account Data: Information provided during account creation or checkout, such as your name, email address, postal address, and phone number.
– Profile Data: Preferences, purchase history, behavioral patterns, and product interests based on interactions with the Website.
– Communication Data: Correspondence sent to us, customer support interactions, and contact form submissions.
– Technical Data: Device information, browser settings, operating system details, and third-party integrations or plug-ins used.
– Transaction Data: Details of purchases, billing and shipping addresses, payment methods, and order history.
– Preference Data: Marketing consents, opt-in/opt-out choices, preferred communication channels, and feedback submitted.
4. Legal Bases for Processing
We rely on the following lawful bases under GDPR and CCPA to process your personal data:
– Contractual Necessity: To fulfill our obligations under a contract with you (such as processing orders or providing services).
– Legal Obligation: Where required to comply with applicable laws and regulations.
– Legitimate Interests: For business needs that do not override your fundamental privacy rights, such as optimizing our site or preventing fraud.
– Consent: Where you have given us explicit permission (e.g., to receive marketing emails). You may withdraw consent at any time.
5. Your Rights
As a data subject, you have rights under data protection laws, which include:
– Right of Access: Obtain confirmation of whether we process your personal data, and request a copy of that data.
– Right to Rectification: Request correction of inaccurate or incomplete personal data.
– Right to Erasure: Request deletion of your personal data where legally permitted.
– Right to Restriction: Request restriction of processing under certain circumstances.
– Right to Data Portability: Receive personal data provided to us in a structured, commonly used format and/or transfer it to another controller.
– Right to Object: Object to processing based on legitimate interests or direct marketing.
To exercise your rights, please contact us at [email protected]. We will respond to valid requests in accordance with applicable laws.
6. Security Measures
We maintain a comprehensive array of organizational, technical, and administrative measures to safeguard personal data. These include:
– Industry-standard encryption and secure socket layer (SSL) technologies for data transmission
– Access controls and authentication mechanisms for internal systems
– Role-based permissions and data minimization principles
– Continuous staff training on data protection and privacy principles
– Regular backups and infrastructure patching
– Monitoring and logging of security-related events
Despite our security measures, please be aware that no method of transmission over the Internet or method of electronic storage is 100% secure.
7. International Transfers
Where personal data is transferred to countries outside your jurisdiction, including jurisdictions outside the European Economic Area (EEA), we ensure adequate safeguards are in place. These include standard contractual clauses approved by the European Commission and commitments to regional data protection standards. All third parties involved in such transfers are subject to appropriate compliance obligations.
8. Data Retention
We retain personal data only as long as necessary for the purposes for which it was collected, and in accordance with applicable legal requirements:
– Account and Transaction Data: Retained for as long as your account is active or as required by law (e.g., tax or accounting purposes).
– Communication and Support Data: Retained as long as necessary to resolve your query and maintain a record of customer support.
– Technical and Usage Data: Retained for site optimization, only for as long as needed to fulfill analytical or operational functions.
– Marketing Preference Data: Retained until you withdraw consent or opt-out of communications.
After expiry of the applicable retention periods, personal data is securely destroyed or anonymized.
9. Cookie Policy
The Website uses cookies and similar technologies to collect certain information automatically. Cookies help us provide core site functionality, analyze usage patterns, and customize content delivery. We categorize our cookies as follows:
– Essential Cookies: Necessary for the operation of the Website. These include authentication, session management, and cart functionality.
– Functional Cookies: Enable enhanced features such as account personalization and stored preferences.
– Analytics Cookies: Collect data on how visitors interact with the Website, helping us improve user experience with aggregated insights.
– Performance Cookies: Measure page loading speed and responsiveness to enhance performance.
10. Cookie Management and Compliance with GDPR & CCPA
In line with GDPR and CCPA requirements, you have the right to control the use of cookies. Upon first visit, you will be presented with a banner allowing you to accept or reject non-essential cookies. You can also manage cookie preferences through your browser settings or via a cookie preference center available on the Website.
We respect “Do Not Track” (DNT) signals and implement user controls to opt-out of data selling or sharing mechanisms as required by CCPA.
11. Special Protections for Children
This Website is not intended for, and we do not knowingly collect data from, children under the age of 13. If we become aware that a child under 13 has provided us with personal information, we will take steps to delete such data promptly. Parents or guardians may contact us at [email protected] to request deletion.
12. Policy Updates
We reserve the right to amend or update this Privacy Policy at our discretion. Any significant changes, particularly those that impact your rights or the lawful basis for processing, will be communicated directly via email or posted prominently on peachesndream.com. We encourage users to revisit this page regularly to stay informed about our privacy practices.
13. Contact Us
If you have any questions, concerns, or complaints regarding this Privacy Policy or our data handling practices, please contact us at:
Email: [email protected]
We are committed to promptly addressing your inquiries and resolving privacy-related issues in accordance with applicable data protection laws.
Statement of Compliance
We strive to maintain full compliance with the GDPR, CCPA, and all relevant data privacy regulations. Your privacy is our priority, and we welcome all questions or feedback regarding how we protect and use your personal data. Please reach out any time at [email protected].