Privacy Policy for Data Gardener

1. Introduction – Our Commitment to Your Privacy

At Data Gardener, accessible via data-gardener.com, we are committed to safeguarding the privacy, integrity, and security of your personal information. We understand the value of your personal data and adhere strictly to applicable data protection and privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, use, disclose, and protect your personal information, as well as your rights in relation to your data.

2. Scope of Policy and Role as Data Controller

This Privacy Policy applies to data collected through data-gardener.com and associated services. For the purposes of applicable data protection laws, Data Gardener is the “data controller” of your personal information—meaning we determine the purposes and means of processing your data. Any third-party websites linked through our platform are not under our control and are not covered by this Privacy Policy.

3. Categories of Data We Process

We process various categories of personal data based on your interaction with our services, including:

3.1 Usage Data
We may collect information about how you access and use our website including your browser type, IP address, operating system, unique device identifiers, pages visited, session duration, and referral URLs. This data helps us maintain and improve the performance of our site.

3.2 Account Data
When you create or manage an account, we collect identifiable information such as your full name, postal address, phone number, email address, and account credentials.

3.3 Profile Data
We may process information related to your preferences, interests, behavior on our platform, previous purchases, and responses to surveys or promotional content.

3.4 Communication Data
Information such as correspondence with our support team, interactions through email or chat, and user feedback may be collected and stored in order to provide assistance and maintain service records.

3.5 Technical Data
Device information including browser plugins, language settings, screen resolution, time zone, and operating system may be automatically collected to help identify and rectify technical issues.

3.6 Transaction Data
This includes information related to purchases or transactions made via our website, including billing addresses, delivery information, payment method (encrypted), and transaction history.

3.7 Preference Data
We collect your stated preferences regarding marketing communications, product categories of interest, and consent to be contacted for promotional purposes.

4. Legal Bases for Processing Personal Data

We collect and process your personal data only when we are allowed to do so under applicable laws. These include:

– Contractual Necessity: To fulfill obligations under any contract with you, including account registration and order fulfillment.
– Consent: For direct marketing communications and optional cookies, we rely on your informed consent, which can be withdrawn at any time.
– Legitimate Interests: For internal business operations, fraud detection, safeguarding our services, and enhancing user experience, where such interests are not overridden by your rights and freedoms.
– Legal Obligations: For compliance with legal and regulatory requirements, including financial recordkeeping and law enforcement cooperation.

5. Your Rights Under GDPR and CCPA

You may exercise the following rights, subject to verification and regional requirements:

– Right of Access: Request a copy of the personal data we hold about you.
– Right to Rectification: Have incomplete or inaccurate data corrected.
– Right to Erasure: Request deletion of your data under certain conditions (“right to be forgotten”).
– Right to Restrict Processing: Request limitation of data processing during disputes or verification.
– Right to Data Portability: Obtain a copy of your data in a structured, machine-readable format and transmit it to another controller.
– Right to Object: Object to direct marketing or processing based on legitimate interests.
– Do Not Sell My Personal Information (CCPA): California residents can opt out of the sale of their personal data, if applicable.

To exercise your rights, you may contact us using the details provided in Section 13.

6. Security Measures

We take your data security seriously and implement multifaceted safeguards, including but not limited to:

– End-to-end encryption and SSL protocols for data in transit
– Role-based access controls and user authentication
– Regular data backups stored in secure environments
– Routine security audits and penetration testing
– Employee awareness training on data protection and privacy best practices

7. International Data Transfers

Personal data processed by Data Gardener may be transferred to, and stored in, locations outside of your country, including jurisdictions that may not offer the same level of data protection. Where such transfers occur, we ensure that appropriate safeguards are in place—typically through the use of Standard Contractual Clauses approved by the European Commission or other equivalent mechanisms under relevant privacy laws.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, or as required by law. Specific retention periods include:

– Account and Profile Data: Retained for the duration of the account’s existence and up to 3 years thereafter.
– Transaction Data: Retained for 7 years for accounting and legal compliance.
– Communication Data: Retained for 2 years unless there is a continuing need.
– Technical and Usage Data: Retained in aggregated or anonymized form for analytics purposes.

Once the retention periods lapse, your data is securely deleted or anonymized.

9. Cookie Policy

We use cookies and similar technologies to enhance your experience on data-gardener.com. These include:

– Essential Cookies: Required for site operation and security (e.g., session identifiers).
– Functional Cookies: Enable personalization of content and settings.
– Analytics Cookies: Collect aggregated usage data to improve website features (e.g., Google Analytics).
– Performance Cookies: Track user navigation to optimize performance and loading times.

10. Cookie Management & GDPR/CCPA Compliance

Upon your first visit to data-gardener.com, a consent management interface allows you to choose which cookies to accept. You may update your cookie preferences at any time from the cookie settings panel. Under GDPR and CCPA, the use of non-essential cookies is subject to opt-in consent, and no personal information is sold or shared without your explicit agreement.

11. Children’s Privacy Protections

Our website and services are not intended for children under 13 years of age. We do not knowingly collect or solicit personal information from minors. If we become aware that a child under 13 has provided personal data without verified parental consent, we will delete such data as soon as practicable.

12. Policy Updates and Notification

We reserve the right to update or modify this Privacy Policy at any time. Material changes will be communicated via prominent notices on our website and, where appropriate, via direct email communication. Continued use of data-gardener.com after such changes constitutes acknowledgment and acceptance of the revised policy.

13. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:

Data Gardener
Email: [email protected]

We are committed to fully complying with applicable data protection laws and protecting your privacy. Please reach out to us with any concerns regarding your personal data and we will respond promptly and transparently.