Privacy Policy
1. Introduction
At Mama Joy Vibes (“we,” “us,” or “our”), accessible via mamajoyvibes.com, we are fully committed to safeguarding your personal data and respecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and protect your information in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We believe privacy is a fundamental right, and we process your personal data with transparency, integrity, and care.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all personal data collected through your use of our website mamajoyvibes.com, including any services, features, or communications associated with it. For the purposes of data protection legislation, Mama Joy Vibes is the data controller responsible for determining how and why your personal data is used.
If you are a resident of California or a jurisdiction that provides specific consumer privacy rights, our privacy practices are aligned with those legal obligations.
3. Categories of Personal Data We Process
We may collect, use, store, and transfer various categories of personal data including but not limited to:
a. Usage Data
This includes information about how you use our website, such as your browser type, IP address, device identifiers, pages viewed, access times, and referring URLs.
b. Account Data
When you create an account or make a purchase, we collect identifying information such as your full name, billing and shipping address, email address, and telephone number.
c. Profile Data
This may include your interests, product preferences, browsing behavior, and past purchases, enabling us to personalize your experience.
d. Communication Data
This includes your communications with us, such as support requests, messages sent via contact forms, email correspondence, and customer service interactions.
e. Technical Data
This data encompasses device information, operating system details, browser configuration, screen resolution, language preferences, and internet service provider.
f. Transaction Data
We collect payment-related information (processed through secure third-party providers), order history, delivery information, and refund activity.
g. Preference Data
This includes your consent choices related to marketing communications, preferred product categories, and newsletter subscriptions.
4. Legal Bases for Processing Your Data
Under the GDPR, we rely on the following legal grounds when processing your personal data:
– Contractual Necessity: Where processing is required to fulfill our contractual obligations with you, such as delivering an order.
– Legitimate Interests: For business activities that do not override your rights, such as service improvement and website analytics.
– Consent: For marketing communications and when legally required to collect data, such as through cookies not essential for site function.
– Legal Obligation: Where processing is needed to comply with legal duties (e.g., tax and accounting requirements).
5. Your Rights
Depending on your location, you may exercise the following rights under data protection laws:
– Right of Access: Obtain a copy of your personal data.
– Right to Rectification: Correct inaccuracies or incomplete data.
– Right to Erasure: Request deletion of your data under certain conditions (“right to be forgotten”).
– Right to Restriction of Processing: Limit how we use your data.
– Right to Data Portability: Receive your data in an accessible format or transfer it to another entity.
– Right to Object: Object to certain types of data use, such as direct marketing.
– Right to Withdraw Consent: At any time where processing is based on your consent.
– Right to Non-Discrimination (CCPA): Exercising privacy rights will not result in discriminatory treatment.
To exercise any of the above rights, please contact us via [email protected]. We may need to verify your identity before fulfilling your request.
6. Security Measures
Protecting your personal information is central to our operations. We implement technical and organizational security measures including:
– SSL encryption to protect transmitted data.
– Access controls and authentication procedures to limit unauthorized access.
– Regular data backups and secure storage.
– Staff privacy training and internal policies promoting best security practices.
Despite these efforts, no system can be guaranteed 100% secure. We encourage you to take appropriate measures to protect your own devices and accounts.
7. International Transfers
Personal data may be transferred to and stored by service providers or affiliates located outside your jurisdiction, including to countries that may not offer an equivalent level of data protection. In such cases, we rely on measures such as Standard Contractual Clauses or adequacy decisions by relevant authorities to ensure compliance with international data transfer obligations.
8. Data Retention
We will retain your personal data only for as long as necessary for the purposes for which it was collected, including the fulfillment of legal, accounting, or reporting obligations. Specific retention periods include:
– Account Data: Retained for the duration of your account and up to 6 years thereafter as required by tax law.
– Transaction Data: Maintained for at least 7 years for auditing and compliance purposes.
– Communication Data: Retained for up to 3 years following the last point of contact.
– Marketing Preferences: Maintained until you withdraw your consent or unsubscribe.
– Browsing and Cookie Data: See retention details in our Cookie Policy below.
9. Cookie Policy
We use cookies and similar technologies to enhance user experience and gather analytics. These include:
– Essential Cookies: Required for the proper functioning of our website.
– Functional Cookies: Remember your preferences and settings.
– Analytics Cookies: Help us understand how users interact with our website (e.g., Google Analytics).
– Performance Cookies: Improve site speed and overall experience.
These technologies may collect personal data such as IP address, browsing behavior, and interaction data.
10. Cookie Management and Compliance
In compliance with GDPR and CCPA, we provide clear notice and obtain consent (where required) before deploying non-essential cookies. Users may manage their cookie preferences at any time via the cookie consent tool on our website or through their browser settings. Opt-out mechanisms are provided for applicable targeted advertising and analytics tools.
If you are a California resident, you also have the right to opt-out of the sale or sharing of personal information for targeted advertising purposes.
11. Children’s Data
Mama Joy Vibes does not knowingly collect or solicit personal data from children under the age of 13. If we become aware that such data has been collected without verified parental consent, we will take appropriate steps to delete it. Parents or guardians who believe we have processed data from a child may contact us at [email protected].
12. Policy Updates
We reserve the right to update or modify this Privacy Policy at any time to reflect changes in legal obligations, our data practices, or enhancements to our services. All updates will be posted on mamajoyvibes.com, and where required, we will inform you directly. Continued use of our website following a revision indicates your acceptance of the updated terms.
13. Contact Information
If you have questions or concerns regarding this Privacy Policy or how we handle your data, you may contact us using the details below:
Mama Joy Vibes
Email: [email protected]
Website: mamajoyvibes.com
We are committed to maintaining compliance with all applicable data protection laws and upholding the highest standards of user privacy. Please reach out to us with any privacy-related concerns or to exercise your rights.