Privacy Policy
mediumisthemess.com
1. Introduction
Medium Is the Mess (“we,” “us,” or “our”) is committed to safeguarding the privacy and personal data of all individuals who interact with our website, services, and digital assets. This Privacy Policy reflects our dedication to transparency, accountability, and compliance with global data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act (as amended) (“CCPA”). We prioritize the protection of your personal information and outline here how it is collected, used, shared, and secured.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data collected through the website located at mediumisthemess.com (“Website”) and any communications or interactions you may have with us through the Website or related services.
For the purposes of the GDPR and other applicable data protection legislation, the data controller responsible for your personal data is Medium Is the Mess. Any inquiries relating to the processing of your personal information may be directed to our contact email at [email protected].
3. Categories of Data Processed
We collect and process different categories of personal and technical data to provide, maintain, and improve our Website and services:
a. Usage Data
Includes information about how you use our Website, such as your IP address, browser type, operating system, referring pages, timestamps, duration of sessions, and navigation paths.
b. Account Data
Personal data voluntarily submitted when you create or update an account with us. This may include your name, email address, mailing address, phone number, and login credentials.
c. Profile Data
Includes your preferences, account settings, content engagement behavior, purchase history, and responses to surveys and promotions.
d. Communication Data
Includes information contained in any communications you send to us, including customer support inquiries, feedback, and contact form submissions. Records of such communications may be stored for quality assurance and compliance.
e. Technical Data
Device data, operating system, browser configuration, device types, screen resolution, network identity, time zone setting, and plug-in details.
f. Transaction Data
Includes details about payments or orders you have made, such as billing addresses, contact details, payment methods (masked), and delivery information.
g. Preference Data
Information collected regarding your marketing preferences, product or content interests, and any explicit consents given for notifications or direct marketing.
4. Legal Bases for Processing
We process your personal data based on one or more of the following lawful bases:
– Contractual Necessity: To fulfill our obligations to you under a contract, including providing you with services or processing your purchases.
– Legitimate Interest: For purposes such as enhancing Website performance, fraud prevention, and network security, provided that such interests are not overridden by your rights.
– Consent: In cases where we request your explicit permission to process data (e.g., marketing communications), consent will be the lawful basis.
– Legal Obligations: When we are legally required to collect or disclose information to comply with applicable laws, regulations, or governmental orders.
5. Your Rights
Under applicable data protection legislation (including GDPR and CCPA), you have the following rights with respect to your personal data:
– Right of Access: You are entitled to request details of the personal data we hold about you.
– Right to Rectification: You may update or correct inaccurate or incomplete personal data.
– Right to Erasure: You can request the deletion of your personal data, subject to lawful retention obligations.
– Right to Restriction: You may request us to limit the processing of your personal data in specific circumstances.
– Right to Data Portability: You may request to receive your personal data in a structured, commonly used, and machine-readable format.
– Right to Object: In certain cases, you may object to our processing of your personal data, particularly where processed on legitimate interest grounds or for direct marketing.
– Right to Withdraw Consent: Where processing is based on your consent, you may withdraw it at any time.
– Right to Non-Discrimination (CCPA): You have the right not to receive discriminatory treatment for the exercise of your privacy rights.
To exercise these rights, you may contact us at [email protected]. We may request verification of your identity before fulfilling such requests.
6. Security Measures
We implement robust physical, administrative, and technical safeguards designed to protect your personal data from unauthorized access, accidental loss, misuse, or alteration. These include:
– End-to-end encryption and TLS-protected transmissions
– Role-based access control and secure authentication protocols
– Regular system updates and vulnerability scanning
– Secure data storage, including backups and recovery systems
– Employee training and internal policies covering data privacy compliance
7. International Transfers
We may transfer your personal information to jurisdictions outside of your country of residence, including to servers maintained by us or our trusted processors. In such events, we ensure that appropriate safeguards are in place, such as adherence to standard contractual clauses approved by the European Commission, Privacy Shield frameworks, or equivalent regulatory mechanisms to ensure lawful and secure transfer of data.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or to satisfy legal, regulatory, or contractual obligations. Specific data retention periods include:
– Usage Data: 12 months for analytics and security auditing
– Account and Profile Data: Retained for the life of your active account and for up to 90 days post account deletion
– Transaction Data: Up to 7 years for tax and accounting compliance
– Communication Data: Up to 3 years
– Preference Data: Maintained until you update or withdraw your preferences
9. Cookie Policy
mediumisthemess.com uses cookies and similar tracking technologies to enhance your user experience and improve our services. Cookies are categorized as follows:
– Essential Cookies: Necessary for core functionality, such as logging in or navigating secure areas of the Website.
– Functional Cookies: Enhance usability and customization, such as remembered logins or settings.
– Analytics Cookies: Collect anonymized data to understand interaction with our content and performance (e.g., Google Analytics).
– Performance Cookies: Help us measure service efficiency and troubleshoot issues by tracking website behavior and loading speed.
10. Cookie Management and Compliance
Upon visiting our Website, you are presented with a cookie consent banner in compliance with GDPR and CCPA requirements. You may manage your cookie preferences at any time through your browser settings or by using the cookie management tools on the Website.
We honor “Do Not Track” signals and provide an opt-out mechanism for the sale or sharing of data as required under the CCPA.
11. Children’s Privacy
mediumisthemess.com does not knowingly collect, solicit, or store personal information from children under the age of 13. If it is discovered that we inadvertently possess such data, we will promptly delete it. Parents or guardians who believe that their child has submitted personal information to us may contact us at [email protected] to request deletion.
12. Policy Updates & User Notifications
We reserve the right to amend this Privacy Policy at our discretion. Material changes will be communicated to our users via the Website, banners, or direct notifications where applicable. Your continued use of mediumisthemess.com after such updates constitutes your acknowledgment of the revised Policy.
13. Contact Information
If you have any questions about this Privacy Policy, your rights, or how your data is handled, you may reach us at:
Email: [email protected]
We are committed to complying with applicable data protection regulations and ensuring a privacy-forward experience for all users of mediumisthemess.com. Please do not hesitate to reach out with any concerns or requests related to your personal data.