Privacy Policy
Happy Roots Mama (“we,” “us,” or “our”) is committed to protecting your privacy and safeguarding your personal data. This Privacy Policy outlines how we collect, use, disclose, and secure your personal information when you engage with our website, happyrootsmama.com. Our approach is guided by applicable data protection regulations, including the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We prioritize transparency and user rights, and aim to empower you with control over your personal data.
1. Commitment to Privacy and Data Protection
At Happy Roots Mama, your privacy is of utmost importance. We process your data responsibly, lawfully, and proportionately. Whether you browse our content, make a purchase, or engage with our support team, we handle your data with care and integrity, employing appropriate technical and organizational measures to ensure its security.
2. Scope of This Policy and Our Role as Data Controller
This Privacy Policy applies to all personal data collected through our website, happyrootsmama.com, and related services. We operate as the data controller in respect of any personal data collected via our platform, meaning we determine the purposes and means of processing your data as governed under the GDPR and CCPA.
3. Categories of Personal Data We Collect
We may collect and process the following categories of personal data:
a) Usage Data: This includes information about your browser type, IP address, geographical location, date and time of visits, page views, and interactions with our website. This data helps us improve site functionality and user experience.
b) Account Data: When you create an account or make a transaction, we may collect identifying information including your full name, billing/shipping address, email address, and phone number.
c) Profile Data: Data about your preferences, purchase history, account settings, and behavioral patterns while using our site are collected to personalize your experience.
d) Communication Data: Includes contents of your messages, inquiries, or support tickets sent through contact forms or email communications with us.
e) Technical Data: Includes technical information from the devices you use to access happyrootsmama.com, such as device type, operating system, system settings, language, and mobile identifiers.
f) Transaction Data: When you make purchases, we collect data relating to orders, delivery addresses, fulfilled products or services, and payment confirmations. Payment information is processed securely via third-party processors; we do not retain full payment card details.
g) Preference Data: Includes your choices regarding newsletters, marketing opt-ins, product interests, and customized offers.
4. Lawful Bases for Processing Personal Data
We process your personal data on one or more of the following legal bases:
– Contractual Necessity: To fulfill a contract with you, such as processing transactions, orders, or account creation.
– Consent: Where you have provided explicit consent for communication, cookies, or marketing materials.
– Legal Obligation: To comply with legal and regulatory duties.
– Legitimate Interests: To pursue reasonable business interests such as fraud detection, analytics, customer service, and improving our services, provided your fundamental rights do not override these interests.
5. Your Rights Under GDPR and CCPA
As a user, you have the following rights regarding your personal data:
– Right of Access: You may request a copy of the data we hold about you.
– Right to Rectification: To correct inaccuracies or incomplete data.
– Right to Erasure (“Right to be Forgotten”): To request deletion of your personal data, subject to lawful retention exceptions.
– Right to Restrict Processing: To limit how your data is processed under certain circumstances.
– Right to Data Portability: To receive your data in a structured format and transfer it to another provider.
– Right to Object: To object to processing carried out on the basis of our legitimate interests, including for marketing.
– Right Not to Be Subject to Automated Decision-Making: Including profiling that produces legal or similar effects.
– California-specific Rights: Under the CCPA, California residents may also request to know what personal data is collected, sold, or disclosed and opt out of the sale of personal information (if applicable).
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We employ rigorous technical and organizational security measures to protect personal data, including:
– SSL encryption across our website,
– Restricted access and role-based permissions to sensitive data,
– Regular data backups and disaster recovery procedures,
– Staff training on data protection best practices,
– Third-party vendor risk assessments.
Despite our efforts, no system is entirely immune to data breaches. Nonetheless, we act promptly to investigate and mitigate any security incidents.
7. International Data Transfers
When personal data is transferred outside of the European Economic Area (EEA) or other jurisdictions with similar protections, we implement appropriate safeguards such as Standard Contractual Clauses approved by the European Commission or ensure that data is transferred to jurisdictions with adequate data protection standards.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes it was collected for, including:
– Account and Profile Data: Retained for the life of your account and up to 2 years thereafter.
– Transaction and Order Data: Retained for 7 years for legal and tax obligations.
– Communication Data: Retained for 3 years from the last communication.
– Analytics and Technical Data: Typically retained for up to 26 months via analytics platforms.
Upon expiration of retention periods, data is securely deleted or anonymized.
9. Cookie Policy
Happy Roots Mama uses cookies and similar tracking technologies to improve the user experience. Cookies may be categorized as:
– Essential Cookies: Required for website functionality and navigation. These cannot be disabled.
– Functional Cookies: Enable enhanced features and personalization (e.g., remembering preferences).
– Analytics Cookies: Help us understand website usage patterns to enhance our services.
– Performance Cookies: Allow us to measure system performance, load times, and interaction with interface elements.
10. Cookie Management and Compliance
Upon your first visit to happyrootsmama.com, you are presented with a cookie banner to set preferences in compliance with GDPR and CCPA. You may change your cookie preferences at any time via browser settings or our cookie management tool available on the site. California residents may also opt out of sale or sharing of personal data via the dedicated “Do Not Sell or Share My Personal Information” link, where applicable.
11. Children’s Privacy
Our website is not intended for or directed at children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe that a child under 13 has provided us with personal information, please contact us immediately at [email protected], and we will delete such data.
12. Policy Updates and Communications
We may update this Privacy Policy as necessary to reflect changes in legal requirements, our data practices, or the features of our site. We encourage you to review this policy periodically. Where substantial changes are made, we will notify users via prominent notices on happyrootsmama.com or via direct communication, where appropriate.
13. Contacting Us
If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please write to us at:
Email: [email protected]
We value your privacy and are committed to full compliance with applicable data protection laws. Please feel free to reach out with any privacy-related inquiries or to exercise your rights.