Privacy Policy - Katieletcherlyle

Katie Letcher Lyle (“we,” “us,” or “our”) is committed to protecting your privacy and ensuring that your personal data is handled with the highest standards of security, transparency, and compliance. This Privacy Policy outlines how we collect, use, and safeguard personal data through your interactions with our website, katieletcherlyle.com, and associated services. By using this site, you acknowledge and consent to the practices described below, consistent with applicable data protection laws including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

1. Commitment to Privacy and Data Protection

We respect your right to privacy and recognize the importance of protecting information that could directly or indirectly identify you (“personal data”). Our data collection and processing practices are designed to ensure the confidentiality, integrity, and lawful handling of your personal information.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all data collected or processed by katieletcherlyle.com, including data submitted by visitors, customers, and users through the website, email communications, and any digital platforms linked to our services. For purposes of applicable data protection legislation, Katie Letcher Lyle is the “data controller” responsible for determining the purposes and means of processing your personal data.

3. Categories of Data We Process

We may collect and process the following categories of personal data:

a) Usage Data: Information about how you interact with our website, including browser type, IP address, pages visited, referring/exit URLs, date/time stamps, session durations, and website navigation paths.

b) Account Data: Personal details provided when creating an account or interacting with our services, such as your full name, mailing address, email address, and telephone number.

c) Profile Data: Information related to user preferences, browsing behavior, purchase history, and any other content voluntarily added to your profile.

d) Communication Data: Messages sent to us via contact forms or email, support inquiries, and our responses, including the metadata associated with these communications.

e) Technical Data: Details about the devices and technologies you use to access our website, such as operating systems, device models, screen resolution, browser plug-ins, and system configuration.

f) Transaction Data: Information related to purchases or financial transactions, including billing address, payment confirmations, delivery details, and order history. Note that actual payment processing is handled by third-party providers, and we do not store card information.

g) Preference Data: Your marketing preferences, including newsletter opt-in status, advertising consent, communication choices, and areas of personal interest.

4. Legal Bases for Processing Personal Data

We process personal data in accordance with one or more of the following legal bases under GDPR:

– Contractual Necessity: To provide services or products you request.
– Legitimate Interests: To operate and improve our services, ensure network and information security, and engage in reasonable marketing unless outweighed by your privacy rights.
– Consent: For specific purposes, such as sending marketing communications where explicit consent is required.
– Legal Obligation: To comply with applicable legal and regulatory requirements.

5. Your Data Protection Rights

You have a range of rights in relation to your personal data, subject to eligibility and verification:
– Right of Access: You can request a copy of your personal data held by us.
– Right to Rectification: You may correct inaccurate or incomplete data.
– Right to Erasure: You may request deletion of your data under certain conditions.
– Right to Restrict Processing: You can limit how we process your data under specified circumstances.
– Right to Data Portability: You may obtain your data and reuse it across services.
– Right to Object: You may object to our processing of your data based on legitimate interests or direct marketing.
To exercise these rights, contact [email protected]. We may require identity verification for security purposes.

6. Security Measures

We implement appropriate technical and organizational measures to protect your data, including:
– Data encryption in transit and at rest;
– Role-based access control and account authentication;
– Routine security training for internal staff;
– Regular system backups and recovery plans;
– Monitoring for vulnerabilities and breaches.

7. International Data Transfers

Your personal data may be transferred to and processed in jurisdictions outside of your country, including locations where data protection laws differ. Where such transfers occur, we rely on lawful transfer mechanisms such as Standard Contractual Clauses adopted by the European Commission and implement appropriate safeguards to ensure adequate protection of personal data.

8. Data Retention

We retain personal data only for as long as necessary for the purposes outlined in this policy, including to fulfill legal, contractual, accounting, or reporting obligations. Specific retention periods include:
– Usage and Technical Data: 24 months
– Account and Profile Data: While account is active + 2 years
– Communication Data: 3 years after last correspondence
– Transaction Data: 7 years for tax and audit requirements
– Preference and Marketing Data: Until consent is withdrawn or 24 months after last engagement

9. Cookie Policy

Our website uses cookies and similar technologies for multiple purposes:
– Essential Cookies: Necessary for core functionality such as security and navigation;
– Functional Cookies: Enable enhanced functionality and personalization;
– Analytics Cookies: Collect information on usage patterns for site improvement;
– Performance Cookies: Help us measure and improve site speed and responsiveness.

10. Cookie Management & Compliance

Users are provided with a clear option to manage cookie preferences upon visiting katieletcherlyle.com. You may update your consent choices at any time using the cookie management tool available on the website. We do not sell personal information in accordance with CCPA. Visitors may also opt out of data sale or sharing by submitting a request to [email protected].

11. Protections for Children

Our services are not directed to children under the age of 13. We do not knowingly collect or process personal data from individuals under this age. If we become aware that such data has been collected without verified parental consent, we will delete it promptly.

12. Policy Updates

We reserve the right to update this Privacy Policy as needed to comply with changes in law or practices. Material changes will be communicated via website notifications or email, where appropriate. You are encouraged to review this policy periodically for the most current version.

13. Contact Us

If you have questions about this Privacy Policy, your personal data, or wish to exercise your data rights, please contact us at [email protected]. We take privacy matters seriously and are committed to resolving any concerns you may have.

We are fully committed to upholding GDPR, CCPA, and other applicable privacy regulations. For any further privacy-related inquiries, please do not hesitate to reach out through the contact information above.