PRIVACY POLICY
MediumIsTheMess.com (“we,” “our,” or “us”) is strongly committed to safeguarding your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and protect personal data in the context of your use of our website (mediumisthemess.com), in compliance with applicable data protection laws, including but not limited to the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
1. COMMITMENT TO PRIVACY AND DATA PROTECTION
We recognize the importance of preserving the privacy and confidentiality of personal data. At MediumIsTheMess.com, we adhere to the highest standards of data protection to ensure that your information is handled responsibly and transparently. This policy reflects our commitment to comply with our legal obligations and to respect your rights as a user.
2. SCOPE OF POLICY AND DATA CONTROLLER ROLE
This policy applies to all users who access, use, or interact with the website mediumisthemess.com and the services we provide through it. For the purposes of applicable data protection law, the data controller responsible for your personal data is:
MediumIsTheMess.com
Email: [email protected]
3. CATEGORIES OF DATA WE PROCESS
We may collect and process the following categories of personal data:
a. Usage Data
Includes information regarding how you use the website and services, such as your IP address, browser type, operating system, referral sources, durations of visits, and pages viewed.
b. Account Data
Includes information provided when you register or open an account with us, such as your full name, billing and shipping address, email address, and phone number.
c. Profile Data
Includes your preferences, interests, purchase history, feedback, and website behavior patterns.
d. Communication Data
Includes records of communications you send to us (e.g., support inquiries, contact forms, emails) and our responses, including timestamps and attachments.
e. Technical Data
Includes device identifiers, browser plug-in types and versions, time zone settings, platform data, and system configuration information.
f. Transaction Data
Includes information related to orders, payments, invoicing, delivery address, and payment method details. We do not store full payment card details; these are handled securely by third-party processors.
g. Preference Data
Includes your consents to marketing communications, newsletter subscriptions, and recorded interests in certain products or services.
4. LEGAL BASES FOR PROCESSING
We process your data only where lawful under GDPR and other applicable data protection laws. Legal bases include:
– Performance of a Contract: To fulfill a transaction or provide services you request.
– Consent: Where required, we seek your explicit consent before collecting and using your data.
– Legal Obligation: Where we are legally required to process your data, such as maintaining tax records.
– Legitimate Interests: To administer and improve our website, prevent fraud, and respond to your inquiries, where such processing does not outweigh your rights and freedoms.
5. YOUR RIGHTS
Subject to applicable law, you have the following rights regarding your personal data:
– Right of Access – You may request a copy of the data we hold about you.
– Right to Rectification – You may ask us to correct inaccurate or incomplete data.
– Right to Erasure – You may request that we delete your data, subject to legal or contractual obligations.
– Right to Restriction – You may ask us to restrict the processing of your data in certain circumstances.
– Right to Data Portability – You may request that we transfer your information to another provider.
– Right to Object – You may object to data processing based on our legitimate interests or for direct marketing.
To exercise any of these rights, please contact: [email protected].
6. SECURITY MEASURES
We implement and maintain robust technical and organizational measures to protect your data, including:
– Data encryption in transit and at rest
– Role-based access controls
– Regular data backups and disaster recovery processes
– Staff privacy training and confidentiality agreements
– Secure infrastructure and vulnerability management protocols
Despite these measures, no system can guarantee absolute security, and users are urged to use caution when transmitting data online.
7. INTERNATIONAL TRANSFERS
Where your data is transferred outside of the European Economic Area (EEA) or other relevant jurisdictions (e.g., to servers or service providers in the United States), we ensure such transfers are protected by appropriate safeguards, including standard contractual clauses approved by the European Commission or other recognized mechanisms.
8. DATA RETENTION
We retain personal data only for as long as necessary for the purposes for which it was collected, including:
– Usage Data: Up to 12 months afterward for analytics
– Account Data: While the account is active and for 6 years following closure for tax/audit obligations
– Profile and Technical Data: Retained no longer than 24 months of last interaction
– Transaction Data: Kept for legal and financial compliance (typically 7 years)
– Communication Data: As long as necessary to address inquiries (typically 2 years)
– Preference Data: Maintained until consent is withdrawn or data is no longer relevant
Data may be retained longer where legally required or to establish, exercise, or defend a legal claim.
9. COOKIE POLICY
We use cookies and similar technologies to enhance your experience. Cookies collected fall into these categories:
– Essential: Necessary for website functionality (e.g., login, security)
– Functional: Support personalization (e.g., language preferences)
– Analytics: Collect anonymous statistics to improve site performance
– Performance: Monitor responsiveness and user session flows
Certain cookies are placed by third-party providers we trust (e.g., Google Analytics). No cookie will be placed that contradicts user consent preferences.
10. COOKIE MANAGEMENT AND COMPLIANCE
Upon visiting mediumisthemess.com, users are presented with the option to accept or customize cookie preferences pursuant to GDPR and CCPA standards. You may also control cookie behavior through your browser settings or use our Cookie Preference Center to manage consent at any time.
California residents have the additional right to opt out of the “sale” of personal information, which we do not knowingly undertake.
11. CHILDREN’S PRIVACY
Our website is not intended for children under the age of 13. We do not knowingly collect personal data from anyone under 13. If we become aware that we have inadvertently collected such data, we will delete it without delay. Parents or guardians who believe their child may have submitted personal data can contact us at [email protected].
12. POLICY UPDATES & USER NOTIFICATION
We reserve the right to amend this Privacy Policy to reflect changes in law, technology, or business operations. Updates will be posted on this page and, where materially relevant, we will notify registered users via email or onsite alert mechanisms. Continued use of mediumisthemess.com will constitute acceptance of any revised terms.
13. CONTACT US
If you have questions, inquiries, or would like to exercise your rights regarding this Privacy Policy or your data, please contact us at:
Email: [email protected]
We are committed to data protection and privacy compliance and welcome the opportunity to address any concerns related to your personal data.