Privacy Policy for dianamitchell.net
1. Introduction
At dianamitchell.net (“Website,” “we,” “us,” or “our”), we are committed to safeguarding the privacy and personal data of all individuals who interact with our Website and services. We view data protection and user privacy as foundational principles of our operations. This Privacy Policy outlines how we collect, use, disclose, and protect your information in accordance with applicable law, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope of Policy and Data Controller Role
This Privacy Policy governs all personal data processed through this Website, accessible at dianamitchell.net, and by any other means through which you interact with us. For the purposes of applicable data protection laws, dianamitchell.net is the Data Controller for the personal data processed through this Website. Any data collected is handled responsibly and in accordance with the purposes described herein.
3. Categories of Data Processed
We may collect and process various categories of personal data, including but not limited to:
a) Usage Data:
Information automatically collected when you access or use our Website, such as:
– IP address
– Browser type and version
– Operating system
– Pages visited and activity on our site
– Time spent on pages
– Referral source
b) Account Data:
Information you provide when creating or modifying an account or contacting us directly, such as:
– Full name
– Email address
– Mailing address
– Phone number
c) Profile Data:
Details related to your interaction with our services, including:
– Purchase history
– Preferences and interests
– Behavioral insights derived from website activity
d) Communication Data:
Records of your communications with us, including:
– Contact forms
– Support correspondence
– Email interactions
e) Technical Data:
Information related to your access device or software, such as:
– Device type
– Language settings
– Time zone
– Browser plug-ins
f) Transaction Data:
Payment-related information necessary to carry out transactions, including:
– Billing details
– Delivery addresses
– Payment method metadata (processed via compliant third-party processors)
g) Preference Data:
Your communication preferences and consent details for:
– Marketing communications
– Product updates
– Promotional offers
4. Legal Bases for Processing
We process your personal data only when we have a lawful basis to do so. These legal bases include:
– Consent: Where you have given explicit permission for processing (e.g., opting into a newsletter).
– Contractual Necessity: When processing is required to perform a contract with you or to take pre-contractual steps (e.g., completing a transaction or registration).
– Legal Obligation: When processing is required to comply with applicable laws.
– Legitimate Interests: When processing supports legitimate functions such as improving our services, securing our Website, or analyzing user trends, provided such interests are not overridden by your data protection rights.
5. Your Rights
In accordance with GDPR, CCPA, and other relevant data protection legislation, you have the following rights with respect to your personal data:
– Right of Access: Obtain confirmation of whether we process your data and receive a copy of such data.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your data, subject to legal and contractual obligations.
– Right to Restriction: Request limitation of processing under certain conditions.
– Right to Data Portability: Obtain your data in a structured, commonly used, machine-readable format, and transmit it to another controller where technically feasible.
– Right to Object: You may object to processing based on our legitimate interests or for direct marketing purposes.
To exercise any of these rights, please email us at [email protected]. We are committed to responding in a timely and transparent manner.
6. Security Measures
We maintain robust technical and organizational measures to protect your personal data against unauthorized access, unauthorized disclosure, accidental loss, and unlawful destruction. These include, but are not limited to:
– Secure socket layer (SSL) encryption
– Restricted internal access controls
– Data backups and recovery mechanisms
– Role-based access permissions
– Employee confidentiality training
Only individuals with a clear need to process data as part of their job functions are granted access under control protocols.
7. International Transfers
Where your personal data is transferred outside the European Economic Area (EEA) or equivalent jurisdictions, we ensure appropriate safeguards are implemented. These may include:
– The use of Standard Contractual Clauses approved by the European Commission
– Transfer to countries with adequacy decisions
– Binding corporate rules or other approved mechanisms under applicable laws
You may contact us for further information regarding such safeguards.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or to satisfy legal, accounting, or reporting obligations. Retention periods may include:
– Account and transactional data: 6 years after last interaction
– Communication data: 3 years from last point of contact
– Technical and usage data: up to 12 months for analytics and system integrity
– Marketing and preference data: until consent is withdrawn or five years, whichever is sooner
Data no longer required is securely deleted or anonymized.
9. Cookie Policy
Our Website uses cookies and similar tracking technologies to enhance user experience, conduct analytics, and support our marketing activities. Categories include:
– Essential Cookies: Required for core functionalities such as security and login.
– Functional Cookies: Remember user preferences and choices.
– Analytics Cookies: Collect aggregated usage data to optimize Website performance.
– Performance Cookies: Monitor system performance and improve service delivery.
10. Cookie Management and Compliance
Upon accessing our Website for the first time, you are presented with a cookie consent mechanism in accordance with GDPR and CCPA. You may accept, reject, or customize cookie preferences. You may also configure your browser settings to manage cookies at any time or withdraw previously granted consent.
For California residents, we honor browser-based opt-out signals and provide a “Do Not Sell or Share My Personal Information” control, where applicable.
11. Children’s Privacy
Our services are not directed toward children under the age of 13. We do not knowingly collect, solicit, or process personal data from children. If we learn that data has been collected from a child without verifiable parental consent, we will promptly delete such information. If you believe we may have collected data from a child, please contact us at [email protected].
12. Policy Updates and Notifications
We reserve the right to revise this Privacy Policy at our discretion. Changes will be posted on this page and, where appropriate, communicated via prominent notices or direct email. By continuing to use dianamitchell.net after such revisions, you acknowledge your awareness of the updated terms.
13. Contact Us
If you have any questions about this Privacy Policy, your rights, or our data handling practices, please contact our Privacy Team at:
Email: [email protected]
Website: https://dianamitchell.net
We are committed to maintaining transparency, accountability, and compliance with all applicable privacy regulations. Users are encouraged to reach out with any privacy-related questions or concerns.