Privacy Policy
At Stoddard Carpets (“we,” “us,” or “our”), accessible at stoddardcarpets.com, your privacy is of paramount importance to us. We are dedicated to protecting the personal data of our users and complying with all applicable data protection regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, use, store, and disclose your data, as well as your rights and how you can contact us with any concerns.
1. Commitment to Privacy and Data Protection
We are committed to ensuring the confidentiality, integrity, and lawful handling of your personal data. Our operations are guided by a privacy-first approach, intended to provide transparency, control, and accountability in how we process your information when you interact with us through our website, services, and communications.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal information collected through stoddardcarpets.com and related services. Stoddard Carpets is the data controller responsible for determining the purposes and means of processing your personal data. If you have any questions, you may contact us via email at [email protected].
3. Categories of Personal Data We Process
We collect a range of personal data to ensure the appropriate functioning of our website, respond to inquiries, and provide tailored services. The types of data we process include:
a. Usage Data
Includes information about how you use our website, such as your IP address, browser type, operating system, referring URLs, pages viewed, and access times.
b. Account Data
Collected when you create an account or place an order, including your name, billing and shipping address, email address, and phone number.
c. Profile Data
Includes your preferences, past purchases, on-site behavior, wishlists, and product browsing history to help us personalize your shopping experience.
d. Communication Data
Assistance requests, submitted forms, emails, and contact or support inquiries are stored and monitored to enhance our customer support service.
e. Technical Data
Covers technical device attributes such as device model, operating system, browser version, time zone setting, and hardware specifications.
f. Transaction Data
Comprises data relating to the services you purchase from us, including product details, payment methods, transaction timestamps, and delivery preferences.
g. Preference Data
Includes records of your marketing and communication preferences, consent choices, language selections, and product interest data.
4. Legal Bases for Processing Personal Data
We process your information under various lawful bases depending on the nature of our interaction with you:
– Consent: Where we rely on your freely given, specific, informed, and unambiguous consent to process certain data (e.g., marketing subscriptions).
– Contractual Necessity: To fulfill obligations under a contract with you (e.g., fulfilling your purchase).
– Legitimate Interests: To conduct and develop our business activities, provided our interests do not override your rights and freedoms (e.g., data analysis, security improvements).
– Legal Obligation: Where processing is necessary to comply with legal or regulatory requirements.
5. Your Rights Concerning Your Personal Data
Subject to jurisdiction and legal limitations, you may exercise the following rights at any time:
– Right of Access: Request information about your personal data and how we process it.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your data, where legally permissible.
– Right to Restriction: Request limitation of your data processing under certain conditions.
– Right to Data Portability: Request to receive your personal data in a structured, commonly used format or to transfer it to another controller.
– Right to Object: Object to processing that is carried out on the basis of our legitimate interests or for direct marketing purposes.
To exercise any of the above rights, please contact us at [email protected].
6. Security Measures
We maintain comprehensive administrative, technical, and physical safeguards to protect your personal data. These include but are not limited to:
– Encryption of data in transit and at rest
– Secure access control mechanisms and authentication protocols
– Routine system updates and security patching
– Regular data backups and disaster recovery procedures
– Staff training on data protection practices
Though we strive for the highest level of security, no system is entirely immune from unauthorized access. Should a breach occur, we will comply with all applicable notification obligations.
7. International Data Transfers
Your data may be transferred to, processed, or stored in countries outside of your jurisdiction, including those that may not offer the same level of data protection. In such cases, we ensure appropriate safeguards are implemented, such as Standard Contractual Clauses approved by the European Commission or other legally recognized mechanisms in line with GDPR/CCPA standards.
8. Data Retention
We retain your personal data only as long as necessary for the purposes for which it was collected, or to comply with our legal, tax, and regulatory obligations:
– Usage and Technical Data: 12 months
– Account, Transaction, and Profile Data: 7 years from the date of your last interaction with our services
– Communication Data: 3 years
– Preference and Marketing Data: Until withdrawn or unsubscribed
Where applicable, data will be anonymized or securely deleted after these retention periods.
9. Cookie Policy
Our website uses cookies and similar technologies to ensure a personalized and functional user experience. These may be categorized as follows:
– Essential Cookies: Necessary for the basic operation of the website (e.g., login and cart functionality).
– Functional Cookies: Enable enhanced functionality and personalization (e.g., saving user preferences).
– Analytics Cookies: Help us understand how users interact with the website, using tools like Google Analytics.
– Performance Cookies: Measure and analyze website performance and user behavior to improve functionality and experience.
10. Cookie Management and Compliance
You can manage your cookie preferences directly through your browser settings or by using opt-in features on our website. For EU users, we offer explicit opt-in mechanisms for non-essential cookies in accordance with GDPR. California residents may exercise rights under CCPA, including opting out of the “sale” of personal information. Please see our Cookie Banner for detailed configuration options.
11. Protection of Children’s Privacy
Our services are not directed toward children under the age of 13, and we do not knowingly collect personal data from minors. If you believe we have inadvertently collected information about a child under 13, please contact us at [email protected] so we may take appropriate action.
12. Policy Updates and Notifications
We may update this Privacy Policy to reflect changes in operations, legal obligations, or user feedback. Any material updates will be communicated through clear notices on stoddardcarpets.com. Continued use of our services after updates constitutes acknowledgment of the revised terms.
13. Contact Us
If you have questions, concerns, or requests related to this Privacy Policy or how your personal data is processed, please reach out to:
Stoddard Carpets
Email: [email protected]
We remain committed to adhering to all relevant data protection laws and ensuring your privacy is respected and protected throughout your interactions with stoddardcarpets.com.