Privacy Policy
1. Introduction
At marieherbert.com, we are fully committed to protecting the privacy and personal data of all individuals who interact with our website, products, services, and communications. We prioritize your right to privacy and adhere strictly to international legal standards, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), to ensure transparent, secure, and ethical handling of your data. This Privacy Policy sets out how we collect, use, disclose, and safeguard your personal information.
2. Scope of Policy and Role of the Data Controller
This Privacy Policy applies to all personal data collected through and in connection with the use of marieherbert.com and any direct communications you may have with us. For the purposes of data protection law, marieherbert.com operates as the “Data Controller” – the organization responsible for determining the purposes and means of processing your personal information.
If you are located in the European Economic Area (EEA), California, or another jurisdiction with robust data protection legislation, we process your personal data in accordance with the requirements of the applicable laws.
3. Categories of Data We Process
We may collect and process the following categories of personal data:
· Usage Data – Information on how you interact with the website, including browser type, device ID, IP address, session duration, and page views.
· Account Data – Information provided when creating a user profile or registering for our services, including your full name, email address, mailing address, and phone number.
· Profile Data – Data regarding your website behavior, submitted preferences, previous purchases, and service usage patterns.
· Communication Data – Records of correspondence with you, including customer support queries, feedback, and responses to contact forms.
· Technical Data – Details about your device, operating system, network settings, browser configuration, and other diagnostic data associated with access to marieherbert.com.
· Transaction Data – Information related to purchases, billing records, delivery addresses, transaction IDs, and selected payment methods. (Note: marieherbert.com does not directly store full payment details; these are handled by secure third-party processors.)
· Preference Data – Your consent records, communication settings, and indications of interest in specific products, services, content, or events.
4. Legal Bases for Processing
We rely on the following lawful grounds to process your personal data in accordance with GDPR Article 6 and relevant provisions under the CCPA:
· Consent – When you voluntarily provide information and explicitly agree to our use of it for a specified purpose (e.g., newsletter registration, marketing).
· Contractual Necessity – When processing is required to fulfill a contract with you or to take pre-contractual steps at your request (e.g., providing services or goods purchased via marieherbert.com).
· Legitimate Interest – When the processing is necessary for our ongoing business operations, such as maintaining website functionality, securing services, and optimizing user experience, provided it does not override your fundamental rights.
· Legal Obligation – Where processing is mandated by legal or regulatory requirements (e.g., tax reporting, fraud prevention).
5. Your Rights
As a data subject, and subject to applicable law, you have the following rights regarding your personal data:
· Right of Access – To request a copy of the personal data we hold about you.
· Right to Rectification – To request correction of any inaccurate or incomplete data.
· Right to Erasure – To request deletion of your data, in certain circumstances (“Right to be Forgotten”).
· Right to Restriction – To request limiting of processing under specific conditions.
· Right to Data Portability – To receive your data in a structured, commonly-used format and transmit it to another controller, where applicable.
· Right to Object – To object to processing based on our legitimate interests or for direct marketing purposes.
To submit any of these requests, please contact us at [email protected].
Under the CCPA, California residents further have the right to:
· Know what categories and specific pieces of personal information we have collected.
· Request deletion of your personal information.
· Opt-out of the sale of personal information (note: marieherbert.com does not sell your data).
We will not discriminate against you for exercising any of your privacy rights.
6. Security Measures
We implement rigorous technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include but are not limited to:
· Use of strong encryption protocols during data transmission.
· Access controls, authentication mechanisms, and role-based data limitation.
· Regular data backups with secure storage.
· Staff data protection training and operational accountability programs.
While we strive to ensure secure data handling at all times, no method of transmission or storage can be guaranteed as 100% secure.
7. International Data Transfers
Where personal data is transferred outside the EEA, United Kingdom, or jurisdiction with similar data protection standards (e.g., to third-party service providers), we ensure that such transfers are governed by appropriate safeguards. These may include standard contractual clauses (SCCs), certification schemes, approved codes of conduct, or reliance on adequacy decisions where applicable.
8. Data Retention
We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. The retention periods vary depending on the data type:
· Usage & Technical Data – retained for up to 24 months for analytics and diagnostics.
· Account & Profile Data – retained for the life of your account plus 12 months post-deactivation.
· Transaction Data – retained for up to seven years to comply with financial and taxation obligations.
· Communication Data – retained for up to five years for record-keeping and service quality purposes.
· Preference Data – retained until you withdraw consent or for a maximum of five years from collection.
You may request earlier deletion at any time, subject to legal limitations.
9. Cookie Policy
marieherbert.com uses cookies and similar technologies to enhance your browsing experience and understand how users interact with our content. Cookies fall into the following categories:
· Essential Cookies – necessary for website functionality and security (e.g., session authentication).
· Functional Cookies – used to remember user preferences and settings (e.g., language selection).
· Analytics Cookies – help us collect usage data to optimize performance and content relevance (e.g., through Google Analytics).
· Performance Cookies – monitor website responsiveness and load behavior for improvement purposes.
We do not use cookies to track you across websites nor do we permit third-party advertising trackers without your consent.
10. Cookie Management and Compliance
Upon your first visit to marieherbert.com, you will be presented with a cookie consent banner. You can choose to accept all cookies, reject non-essential cookies, or customize your preferences. Users can also manage or delete cookies at any time via browser settings.
We ensure our cookie practices comply with GDPR requirements concerning consent management, as well as CCPA obligations surrounding transparency and opt-out rights.
11. Protection of Children’s Data
marieherbert.com does not knowingly collect personal information from individuals under the age of 13. If we become aware that such data has been unintentionally collected, we will take immediate steps to delete the information from our records.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at [email protected].
12. Policy Updates
We reserve the right to revise or update this Privacy Policy to reflect changes in legal requirements or our data handling practices. When significant changes are made, we will endeavor to notify registered users by email or provide a notification on the home page of marieherbert.com. We encourage you to periodically review this policy to remain informed of your rights and our commitments.
13. Contact
For any questions, concerns, or requests related to this Privacy Policy or the handling of your personal data, please contact:
Data Privacy Officer
Email: [email protected]
We are committed to processing your query promptly and in accordance with applicable data protection laws.
—
This Privacy Policy is issued in compliance with GDPR, CCPA, and other relevant international privacy regulations. For further assistance regarding our commitment to your data privacy, please contact us at [email protected].