Privacy Policy for marksealy.com
1. Introduction
At marksealy.com, we are committed to safeguarding the privacy and personal data of our users. Protecting your information is a core part of our values and business operations. This Privacy Policy explains how we collect, use, store, disclose, and protect your data in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope of This Policy and Role of Data Controller
This Privacy Policy applies to all personal information collected by marksealy.com through your use of our website and associated services. For purposes of data protection laws, marksealy.com serves as the data controller responsible for the handling of your information. Should you have any queries regarding this policy or your data, you may contact us at [email protected].
3. Categories of Data We Process
We may collect and process the following categories of personal data, either directly from you or indirectly through your use of our services:
– Usage Data: Information obtained from your browser and device, including your IP address, session identifiers, access timestamps, and browsing behavior on our website.
– Account Data: Details you provide when creating or updating an account, which may include your name, residential or billing address, email address, and phone number.
– Profile Data: Information about your preferences, purchase history, product interests, and behavior on our platform.
– Communication Data: Records of your correspondence with us, including customer support messages, inquiries, and contact history.
– Technical Data: Data related to your connection to our website, such as access device type, software configurations, browser version, mobile carrier, and operating system.
– Transaction Data: Information relevant to any purchases or transactions on the website, including billing data, shipping address, and payment confirmations (note: we do not store full payment card numbers; such information is handled by secure third-party service providers).
– Preference Data: Details on your opt-in status for newsletters, marketing or promotional materials, and stated product or service interests.
4. Legal Bases for Processing
We process personal data under applicable legal bases, depending on the context of collection and use:
– Consent: With your explicit consent, we may process data for marketing communications, non-essential cookies, and other voluntarily provided services.
– Performance of Contract: When necessary, we process your data to fulfill a contract with you, including providing services, responding to inquiries, or managing transactions.
– Legal Obligation: Certain data may be processed to comply with applicable laws or court orders.
– Legitimate Interests: We process usage, technical, and communication data to improve website functionality, enhance user experience, secure our systems, and address fraud or misuse concerns, provided these interests do not override your rights.
5. Your Rights
Under the GDPR and CCPA, you have the following rights regarding your personal data:
– Right of Access: Obtain confirmation and a copy of personal data we hold about you.
– Right to Rectification: Request corrections to any inaccurate or incomplete personal data.
– Right to Erasure: Request deletion of your data under specific conditions (e.g., when processing is no longer necessary, or consent is withdrawn).
– Right to Restriction: Request temporary or permanent suspension of processing in certain circumstances.
– Right to Data Portability: Receive your personal data in a commonly used, machine-readable format for transfer to another controller.
– Right to Object: Object to data processing based on legitimate interests or for direct marketing purposes.
To exercise any of your rights, please contact us at [email protected].
6. Security Measures
We implement industry-standard security measures to protect your data from loss, misuse, disclosure, and unauthorized access, including:
– End-to-end encryption during data transmission.
– Multi-factor authentication and role-based access restrictions.
– Frequent automated backups and disaster recovery protocols.
– Staff training on data protection awareness and best practices.
7. International Data Transfers
Where we transfer your personal data outside of the European Economic Area (EEA) or other jurisdictions with data protection adequacy, such transfers are subject to standard contractual clauses or other lawful mechanisms to ensure an adequate level of protection in accordance with GDPR requirements.
8. Data Retention
We retain personal data only for the time necessary to fulfill the purposes for which it was collected, which varies depending on data type:
– Usage and Technical Data: Up to 12 months from collection for analytics and site optimization.
– Account, Profile, and Communication Data: As long as your account remains active, plus a retention period of up to 6 years to comply with legal or contractual obligations.
– Transaction Data: Retained for a minimum of 7 years for financial and audit purposes.
– Preference Data: Retained until you revoke or update your preference settings.
Upon expiration of these periods or upon a valid erasure request, data is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar tracking technologies on marksealy.com to personalize content, analyze traffic patterns, and improve user experience. Categories of cookies include:
– Essential Cookies: Required for website functionality such as login, session management, and security.
– Functional Cookies: Enable site personalization and remember your choices (e.g., language or region).
– Analytics Cookies: Help us understand usage patterns and interactions with our content (e.g., Google Analytics).
– Performance Cookies: Optimize site speed and responsiveness based on user behavior data.
10. Cookie Management and Regulatory Compliance
Under the GDPR and CCPA, you have the right to control your cookie preferences:
– When visiting marksealy.com, a cookie banner allows you to accept or reject non-essential cookies.
– You can also modify your browser settings to block specific types of cookies or delete existing ones from your device.
– California residents may opt out of the “sale” of their data under CCPA if applicable, by using the Do Not Sell My Information link (where relevant).
11. Protections for Children
marksealy.com is not directed to, and does not knowingly collect or solicit personal data from, children under the age of 13. If we become aware that we have inadvertently collected personal data from a child without verifiable parental consent, we will promptly delete such information.
12. Policy Updates and Notifications
We may update this Privacy Policy to reflect changes in data practices, legal obligations, or operational needs. Material changes will be communicated via appropriate channels, including notices posted on the website or direct correspondence where feasible.
13. Contact Information
For questions or concerns regarding this Privacy Policy, the handling of your personal data, or to exercise any of your rights, please contact:
Email: [email protected]
Website: marksealy.com
We maintain full compliance with the GDPR, CCPA, and other applicable data privacy laws. We take your concerns seriously and are committed to providing clear recourse and action for privacy-related queries.