Privacy Policy
1. Introduction
At marksealy.com, your privacy is of paramount importance. We are committed to safeguarding the personal data of our users and ensuring full compliance with all applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, process, store, and protect your personal information when you use our website. We pledge to handle your data responsibly, lawfully, and with the utmost transparency.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data collected through your interaction with marksealy.com. The data controller responsible for your personal information is Mark Sealy, reachable via [email protected]. As the data controller, we determine the purposes and means of processing any personal data collected.
By using our website and/or submitting your personal data to us, you acknowledge your understanding of this Privacy Policy.
3. Categories of Data Processed
We may collect and process the following categories of personal data:
a. Usage Data
Includes browser type, IP address, pages visited, session duration, and other diagnostic data collected automatically through analytics or server logs.
b. Account Data
Includes first and last name, billing/shipping addresses, email address, and telephone number, typically provided when you register or make a purchase.
c. Profile Data
Includes preferences, purchase history, browsing behavior, product interactions, and other profile attributes derived from your use of marksealy.com.
d. Communication Data
Comprises any data exchanged via emails or contact forms, including customer service tickets and prior communication logs.
e. Technical Data
Includes device identifiers, operating system information, and website configuration specifics collected through cookies or similar technologies.
f. Transaction Data
Includes details of payments made and shipping information provided when ordering products or services.
g. Preference Data
Includes your marketing consents, newsletter subscriptions, and records of interest in specific products or services.
4. Legal Bases for Processing
We process your personal data lawfully based on the following grounds:
– Consent: When you explicitly provide consent, such as by subscribing to marketing communications.
– Contract: When processing is necessary to perform a contract with you, including order fulfillment.
– Legitimate Interests: Where we have a legitimate interest in processing your data that does not override your data protection rights, such as analyzing website traffic to improve our services.
– Legal Obligations: Where processing is required to comply with applicable laws or regulatory obligations.
5. Your Rights
Subject to applicable law, you have the following rights in relation to your personal data:
– Right of Access: To request access to the personal data we hold about you.
– Right to Rectification: To request correction of inaccuracies or incompleteness in your personal data.
– Right to Erasure: To request deletion of your personal data, subject to certain legal exceptions.
– Right to Restriction: To request limitation or suspension of our processing of your data.
– Right to Portability: To receive your personal data in a structured, commonly used, and machine-readable format and transmit it to another controller.
– Right to Object: To object to certain processing practices including marketing and profiling based on legitimate interest.
To exercise any of your rights, you may contact us at [email protected].
6. Security Measures
We implement appropriate technical and organizational measures to safeguard your personal data, including:
– Data encryption during transit and at rest using industry-standard protocols.
– Role-based access control to limit internal data access.
– Frequent data backups and secure storage.
– Staff training in data protection principles and secure data handling.
Despite these measures, no method of data transmission or storage is entirely secure. We encourage users to be mindful when sharing personal data online.
7. International Transfers
Where personal data is transferred outside of the European Economic Area (EEA) or California, we ensure such transfers are compliant with relevant data protection laws. This includes the use of Standard Contractual Clauses and verification of adequate levels of protection in the recipient jurisdiction.
8. Data Retention
We retain personal data only for as long as necessary for the purposes for which it was collected. Retention periods vary by data category:
– Usage and Technical Data: up to 2 years for performance analysis.
– Account and Transaction Data: up to 7 years for legal compliance and transaction history.
– Communication Data: up to 3 years from the date of last contact.
– Preference and Marketing Data: until consent is withdrawn or after 2 years of inactivity.
Once no longer necessary, data is either securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar technologies to enhance user experience and provide essential functions. The types of cookies we use include:
– Essential Cookies: Required for core website functionality, such as user login and shopping cart management.
– Functional Cookies: Enhance usability, remember user preferences, and support personalized experiences.
– Analytics Cookies: Collect aggregated information to understand usage patterns and improve performance.
– Performance Cookies: Monitor site speed, loading errors, and page interactions for optimization purposes.
10. Cookie Management and Compliance
We comply with GDPR and CCPA in the acquisition and use of cookies:
– Prior to placing non-essential cookies, we obtain your explicit consent via a cookie banner.
– You may withdraw consent or manage cookie preferences at any time via our cookie settings interface available on marksealy.com.
– Browser settings also allow you to manually control cookie behavior; however, disabling some cookies may affect site functionality.
11. Children’s Privacy
We do not knowingly collect personal data from children under the age of 13. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us at [email protected], and we will take appropriate steps to remove such data promptly.
12. Policy Updates and User Notifications
This Privacy Policy may be updated periodically to reflect legal changes, technological developments, or business enhancements. Material changes will be communicated via the website and, where required, via email or other appropriate channels. Continued use of the website implies acknowledgment of the updated policy.
13. Contact Us
If you have questions, concerns, or wish to exercise your rights regarding your personal data, please contact:
Email: [email protected]
Website: https://marksealy.com
We are fully committed to compliance with GDPR, CCPA, and all applicable privacy laws. Please reach out to us with any privacy-related inquiries or concerns, and we will respond diligently to address them.