Privacy Policy
1. Introduction
Tiny House Craftsman (“we”, “us”, “our”) values your privacy and is fully committed to the lawful, transparent, and fair handling of your personal data. This Privacy Policy outlines our practices regarding the collection, use, processing, and disclosure of your data in accordance with applicable privacy regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
We recognize the importance of protecting your personal information and privacy rights, and we strive to maintain a privacy-first approach in every aspect of our operations and interactions through our website at tinyhousecraftsman.com.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data collected via our website and services offered thereon. Tiny House Craftsman is the data controller of personal data processed via this website. If you have any questions or concerns regarding the use of your personal data, you may contact us via email at [email protected].
3. Categories of Data Processed
We collect and process the following categories of personal data, either directly from you or automatically through your use of tinyhousecraftsman.com:
a. Usage Data
Includes information such as browser type and version, IP address, time zone settings, pages viewed, and user session details.
b. Account Data
Includes your full name, billing and shipping address, email address, phone number, and account login credentials (where applicable).
c. Profile Data
Includes saved preferences, purchase history, behavior while using our website (e.g., wishlist items, reviews), and demographic details supplied voluntarily.
d. Communication Data
Includes correspondence history, support tickets, user feedback, and responses to forms or surveys submitted through the site.
e. Technical Data
Includes device identifiers, operating systems, browser plug-ins, screen resolutions, platform diagnostics, and network information.
f. Transaction Data
Includes your payment details (processed securely by third-party payment processors), delivery and order information, and invoice records.
g. Preference Data
Includes records of consent for marketing communications, subscription preferences, responses to promotions, and product interest profiles.
4. Legal Bases for Processing
We rely on the following legal bases for processing your personal data:
– Consent: Processing based on your affirmative consent, specifically for marketing or promotional purposes.
– Contractual Necessity: Processing required to fulfill our contractual obligations, such as account management, order fulfillment, or customer services.
– Legal Obligation: Compliance with applicable legal requirements, such as tax or fraud-prevention obligations.
– Legitimate Interests: Processing necessary for our business interests, including improving website functionality, securing our systems, and analyzing service usage, provided such interests are not overridden by your rights and freedoms.
5. Your Rights
Depending on your jurisdiction and applicable regulatory framework, you may have the following rights regarding your personal data:
– Right of Access: Obtain confirmation and a copy of the data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure (“Right to be Forgotten”): Request deletion of your data, subject to legal and contractual obligations.
– Right to Restrict Processing: Request limits on how your data is used.
– Right to Data Portability: Receive your data in a structured, commonly used, machine-readable format and transmit it to another controller.
– Right to Object: Object to processing based on legitimate interest or direct marketing.
– Right to Withdraw Consent: Withdraw your consent where processing is based solely on it.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement robust technical and organizational measures to protect your personal information, including:
– Encryption of data in transit and at rest.
– Access control systems limiting data access to authorized personnel.
– Data redundancy and secure backup solutions.
– Regular employee training on data protection principles.
– Monitoring and logging for prevention of unauthorized access or data breach.
We continuously evaluate and enhance these measures to address emerging risks and keep your data secure.
7. International Transfers
Personal data may be processed outside your country of residence, including in countries that may not offer the same level of data protection. Where applicable, we ensure adequate safeguards are implemented, including the use of Standard Contractual Clauses approved by the European Commission, and compliance with applicable regional privacy requirements.
8. Data Retention
We retain personal data only as long as necessary for the purposes for which it was collected and as required to comply with legal, regulatory, or contractual obligations. Retention periods vary by data category:
– Usage and Technical Data: retained for up to 13 months for analytics and diagnostic purposes.
– Account and Profile Data: retained for the duration of your account and up to 2 years after its closure.
– Transaction Data: retained for up to 7 years for tax and audit purposes.
– Communication Data: retained for up to 3 years following the last contact.
– Preference Data: retained until the withdrawal of consent or as required by applicable regulations.
9. Cookie Policy
Tinyhousecraftsman.com uses cookies and similar tracking technologies to enhance user experience and analyze site performance. Cookies used on the website fall into the following categories:
– Essential Cookies: Required for core functionality, such as security, user authentication, and session management.
– Functional Cookies: Enable enhanced functionality and personalization (e.g., remembering preferences).
– Analytics Cookies: Help us measure website performance, usage patterns, and identify areas of improvement.
– Performance Cookies: Monitor service uptime, responsiveness, and user engagement metrics.
10. Cookie Management and Compliance with GDPR & CCPA
In accordance with GDPR and CCPA standards, we provide users with full transparency and control over cookies. On first visit, users are presented with a cookie consent banner allowing the selection of preferences.
Users may manage or withdraw cookie consent at any time through the cookie settings on our website or via browser settings. California residents may opt out of “sale” of personal data (as defined by CCPA) by following the “Do Not Sell or Share My Personal Information” link at the footer of our site.
11. Special Protections for Children Under 13
Our website is not directed to children under the age of 13, nor do we knowingly collect personal data from them. If we become aware that data of a user under 13 has been collected, we will take appropriate steps to delete such information and close the relevant account. If you believe we have inadvertently collected such data, please contact us immediately at [email protected].
12. Policy Updates & User Notifications
We reserve the right to update this Privacy Policy as operational, legal, or regulatory changes arise. Material changes will be notified to users through our website or by direct communication via email, where required. Continued use of tinyhousecraftsman.com following such updates will constitute acknowledgment and acceptance of the modified terms.
13. Contact
For questions, concerns, or requests relating to this Privacy Policy or the handling of your personal data, please contact:
Tiny House Craftsman
Email: [email protected]
Website: tinyhousecraftsman.com
We are committed to full compliance with applicable data protection laws and to resolving your concerns in a fair and timely manner. If you feel your rights have not been respected, you may also lodge a complaint with your local data protection authority.