Privacy Policy - Sue Platt

1. Introduction

At sue-platt.com, we are committed to protecting and respecting your privacy. This Privacy Policy outlines how we collect, use, store, and share your personal data, and the rights you have in relation to that data. We recognize the fundamental importance of privacy and we adhere strictly to applicable laws and regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We adopt a privacy-first approach in all areas of our website operations and user interactions.

2. Scope of Policy and Data Controller

This Privacy Policy applies to all visitors, users, and others who access sue-platt.com. The data controller responsible for your personal data is sue-platt.com, which determines the purposes and methods of processing your personal information. Any inquiries regarding this Policy or your data should be directed to [email protected].

3. Categories of Data We Process

We may collect and process the following categories of data, either directly from you or automatically through your use of the website:

a. Usage Data
Information about your visit to sue-platt.com, including your IP address, browser type, operating system, referral URLs, pages viewed, time spent on pages, and other diagnostic data.

b. Account Data
Personal details submitted when you register or interact with the website, including your full name, billing/shipping address, email address, telephone number, and authentication information.

c. Profile Data
Details related to your user experience and behavior on the site, such as saved settings, wish lists, past purchases, product preferences, and participation in promotions.

d. Communication Data
Records of any communications with our support team or via our contact forms, including messages, call logs, emails, and correspondence content.

e. Technical Data
Information on system and device configuration, such as hardware model, device identifiers, browser plug-ins, network type, and mobile device settings.

f. Transaction Data
Transaction information related to the purchase of products or services on the website, including payment methods (processed securely by compliant third-party processors), bank card metadata, order history, and delivery tracking information.

g. Preference Data
Marketing and communication preferences, newsletter signups, opt-ins or opt-outs from promotional content, and stated interests or areas of product engagement.

4. Legal Bases for Processing Your Data

We process your data under lawful bases as established by applicable data protection laws:

– Consent: Where you have actively given permission—for example, by subscribing to newsletters or accepting marketing cookies.
– Contractual Necessity: To fulfill orders, manage accounts, or perform services under an agreement with you.
– Legal Obligation: To comply with our legal and regulatory responsibilities.
– Legitimate Interest: For purposes such as improving user experience, detecting fraud, securing services, and conducting analytics—provided that such interests are not overridden by your privacy rights.

5. Your Data Rights

Under GDPR, CCPA, and other applicable law, you are entitled to the following rights:

– Right of Access: Obtain confirmation as to whether we process your personal data and, if so, request a copy.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of personal data, subject to legal, contractual, or necessity constraints.
– Right to Restriction: Ask us to limit the processing of your data under certain circumstances.
– Right to Data Portability: Receive your personal data in a structured, commonly used, and machine-readable format and transmit it to another controller.
– Right to Object: Object to the processing of your data based on legitimate interests or direct marketing.

To exercise any of these rights, contact us at [email protected]. We will handle your request in compliance with legal requirements and within an appropriate timeframe.

6. Security Measures

We implement robust technical and organizational security measures to protect your data, including:

– Industry-standard encryption (TLS/SSL) for web traffic and communications
– Role-based access controls and multi-factor authentication for administrative access
– Regular vulnerability assessments and audits
– Secure server backups and disaster recovery procedures
– Ongoing staff training on privacy principles and data breach prevention

7. International Data Transfers

Your information may be transferred to and processed in countries outside of your own jurisdiction, including locations with different data protection laws. We ensure that such transfers comply with applicable regulatory requirements, including the use of Standard Contractual Clauses or other lawful mechanisms to provide appropriate safeguards.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes set out in this Policy or to comply with legal and contractual obligations. Typical retention periods include:

– Account Data: Maintained while the account is active, and for no more than 6 years after closure for legal purposes.
– Transaction Data: Retained for up to 7 years as required for taxation and accounting obligations.
– Usage and Technical Data: Retained for up to 2 years to support analytical and security needs.
– Marketing Preference Data: Retained until you withdraw consent or change preferences.

9. Cookie Policy

sue-platt.com uses cookies and similar technologies to enhance user experience, deliver essential functionality, and analyze web performance. We categorize cookies as follows:

– Essential Cookies: Enable core functionality such as shopping cart, login sessions, and page navigation.
– Functional Cookies: Remember choices you make such as language or regional preferences.
– Analytics Cookies: Help us understand how users interact with our site, including time on page and click behavior.
– Performance Cookies: Measure and improve the speed and responsiveness of our website.

10. Cookie Management and Compliance

Consent for non-essential cookies is obtained via a cookie banner or pop-up upon your first visit. You can manage or withdraw your cookie preferences at any time using our cookie consent tools or by adjusting your browser settings. In accordance with GDPR and CCPA:

– EU users can refuse non-essential cookies prior to any being placed on their device.
– California users may opt out of the “sale” of personal information under CCPA definitions (note: we do not sell personal data in the CCPA sense).
– All users have the right to request details of cookies and trackers deployed on the site.

11. Children’s Privacy

sue-platt.com does not knowingly collect or process personal information from individuals under the age of 13. If we become aware that we have inadvertently collected such data without verified parental consent, it will be promptly deleted. Parents or guardians who believe such data has been collected may contact us at [email protected].

12. Policy Updates and Notifications

We reserve the right to update or amend this Privacy Policy at our discretion. Substantive changes impacting your rights or how data is processed will be communicated via email or onsite notifications. We encourage you to review this Policy periodically to stay informed of any modifications.

13. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us at:

Privacy & Data Protection Officer
Email: [email protected]

—

We are dedicated to maintaining your trust and remaining fully compliant with all data protection laws that apply to your region. If you have questions about how your data is used, processed, or protected, we welcome you to reach out any time at [email protected].