Privacy Policy for Get Dizzy With Lizzie
1. Introduction
At Get Dizzy With Lizzie (“we”, “us”, “our”), accessible via getdizzywithlizzie.com (the “Website”), we are committed to safeguarding the privacy and personal data of our users. We take your privacy seriously and process your personal information in accordance with applicable privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy describes how we collect, use, disclose, and protect your personal data while ensuring your rights are respected.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all visitors, users, and others who access the Website. For the purposes of GDPR, Get Dizzy With Lizzie is the data controller responsible for the processing of your personal data. If you have any questions about our data practices, you may contact us at [email protected].
3. Categories of Data Processed
We process a range of data from users for various purposes, as detailed below:
a. Usage Data: Includes data about how you interact with the Website such as IP address, browser type, referring/exit pages, operating system, timestamps, session data, and usage trends.
b. Account Data: Information you provide at registration or checkout, including your full name, email address, mailing address, telephone number, and account credentials.
c. Profile Data: Includes your communication preferences, browsing behaviors, interests, purchase history, saved items, and feedback.
d. Communication Data: Any correspondence with us, including your queries, contact form submissions, customer support communications, and chat interactions.
e. Technical Data: Device identifiers, system configurations, browser plugins, internet provider, screen resolution, and other technical data from your device when accessing getdizzywithlizzie.com.
f. Transaction Data: Payment information, billing/delivery addresses, order history, financial confirmation from payment processor (e.g., last four digits of a card), and transactional metadata.
g. Preference Data: Your choices and consents related to marketing communication, product categories of interest, and notification settings.
4. Legal Bases for Processing
We rely on the following bases to lawfully process your personal data:
– Performance of Contract: Where processing is necessary to fulfill our obligations under a service or sale agreement, such as processing an order.
– Legitimate Interests: For internal operations, fraud prevention, and service improvement, unless those interests are overridden by your rights and interests.
– Consent: Where you give explicit consent for specific purposes (e.g., subscribing to newsletters). You may withdraw consent at any time.
– Legal Obligation: Where processing is required to comply with law, enforce our terms, or respond to lawful governmental requests.
5. Your Rights
In accordance with the GDPR and CCPA, you have the following rights regarding your personal data:
– Right of Access: Request disclosure of the data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your data, subject to retention obligations.
– Right to Restriction of Processing: Request that we limit how your data is processed under certain circumstances.
– Right to Data Portability: Request to receive your data in a structured, commonly used format and have it transferred to another controller where technically feasible.
– Right to Object: Object to processing based on legitimate interest, or object to direct marketing.
– California Residents: You may request disclosure of categories of personal data collected, the purpose of use, and third parties with whom the data is shared. You may also request non-discrimination for exercising your rights.
To exercise any of these rights, you may contact us at [email protected].
6. Security Measures
We implement a comprehensive suite of technical and organizational security measures to ensure the confidentiality, integrity, and availability of your personal data. These include:
– Data encryption (in transit and at rest)
– Role-based access control
– Secure server infrastructure and firewall policies
– Regular data backups and security audits
– Employee training on data protection practices
7. International Transfers
If your data is transferred outside your country of residence, we implement appropriate safeguards to ensure its protection. For EEA users, we rely on Standard Contractual Clauses approved by the European Commission. Data recipients are required to comply with GDPR-equivalent protections.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including satisfying legal and accounting requirements. Typical retention periods are:
– Usage and Technical Data: up to 12 months
– Account, Profile, and Transaction Data: retained for up to 7 years for legal and tax compliance
– Communication Data: retained for up to 3 years following the last interaction
– Preference Data: retained until consent is withdrawn or updated
Anonymized, aggregated data that does not identify a specific individual may be retained indefinitely.
9. Cookie Policy
Cookies and similar tracking technologies are used on getdizzywithlizzie.com to provide a tailored and efficient user experience. Categories include:
– Essential Cookies: Required for core features like account logins and checkout processes.
– Functional Cookies: Store user settings and customizable features to enhance your experience.
– Analytics Cookies: Collect data about website usage, visitor paths, and engagement metrics to improve our services.
– Performance Cookies: Help us optimize site performance by identifying technical issues.
10. Cookie Management and Compliance with GDPR & CCPA
Upon your first visit to getdizzywithlizzie.com, you will be presented with a cookie banner allowing you to accept or customize your preferences. You may adjust your cookie choices at any time through the Cookie Settings link in our site footer. Users from the EU and California are provided mechanisms to opt out of non-essential cookies as required by law.
You may also manage cookies directly through your browser settings. Please note that blocking certain cookies may affect the functionality of our Website.
11. Special Protections for Children Under 13
We do not knowingly collect personal information from individuals under the age of 13. If we become aware that we have collected such data without appropriate parental consent, we will take steps to promptly delete it. Parents or guardians who believe their child has submitted personal information may contact us at [email protected].
12. Policy Updates & User Notifications
We may revise this Privacy Policy from time to time to reflect changes in legal requirements or our processing practices. Substantive changes will be communicated via notices on our website or via direct email, depending on your contact preferences. Please review this Privacy Policy periodically for updates.
13. Contact
For questions, concerns, or requests related to your privacy and this Privacy Policy, please contact us at:
Email: [email protected]
Website: getdizzywithlizzie.com
We are committed to maintaining your trust and compliance with all applicable privacy laws. If you have any concerns or wish to exercise your rights, we encourage you to reach out to us directly.