Privacy Policy for Milk Bar Phoenix
1. Introduction
At Milk Bar Phoenix, accessible via milkbarphoenix.com, we are committed to protecting the privacy, integrity, and security of your personal data. We recognize the trust you place in us when you provide your information and are fully dedicated to meeting our responsibilities under applicable data protection frameworks, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
This Privacy Policy describes how we collect, use, disclose, and protect your personal information when you access or interact with our website or services. By using milkbarphoenix.com, you agree to the practices and terms outlined in this Privacy Policy.
2. Scope and Data Controller
This Privacy Policy applies to all visitors, users, and customers of milkbarphoenix.com. Milk Bar Phoenix operates as the data controller for personal data collected through the website and associated platforms, meaning we determine the purposes and means of processing your personal data.
3. Categories of Personal Data We Process
We collect and process various categories of personal data, depending on your interactions with our website and services:
a. Usage Data
Includes information such as your browser type, IP address, access times, geographic location, page views, navigation paths, session duration, and referring website addresses.
b. Account Data
If you create an account with us, we collect data such as your full name, residential or business address, email address, and telephone number.
c. Profile Data
Includes preferences, order history, behavioral interactions with the site, saved items, and other selections made on milkbarphoenix.com.
d. Communication Data
Consists of any communications you send to us, including customer support queries, messages sent via our contact form, chat interactions, or correspondence via email.
e. Technical Data
Covers device identifiers, operating systems, browser settings, language preferences, and system configuration data automatically collected when using our site.
f. Transaction Data
Includes payment information (processed via secure third parties), billing addresses, and shipping or delivery data.
g. Preference Data
Covers your marketing preferences, including consents for receiving promotional emails or notifications, and product interests as derived from browsing and shopping behavior.
4. Legal Bases for Processing Data
We process your personal data only when we have a valid legal basis to do so under GDPR and other applicable laws, including:
– Consent: When you provide explicit permission for us to process your data, such as subscribing to our newsletter.
– Contract Performance: When processing is necessary to fulfill obligations arising from a contract, such as purchase fulfillment or customer support.
– Legitimate Interests: Where processing serves a legitimate business interest that does not override your fundamental rights, such as website analytics, fraud detection, or service optimization.
– Legal Obligation: When we are required to do so under applicable laws and regulations.
5. Your Rights Under GDPR and CCPA
We respect your privacy rights and facilitate the following, subject to verification and applicable law:
– Right of Access: Request a copy of the personal information we hold about you.
– Right to Rectification: Correct inaccurate or incomplete data.
– Right to Erasure: Request deletion of your personal data, where legally permissible.
– Right to Restrict Processing: Request limited use of your data in certain circumstances.
– Right to Data Portability: Obtain and reuse your data in a structured, commonly used format.
– Right to Object: Object to processing based on our legitimate interests or for direct marketing.
– Do Not Sell My Personal Information: Under the CCPA, California residents may request that we do not sell their personal information to third parties.
To exercise any of these rights, contact us at [email protected].
6. Security Measures
We implement appropriate technical and organizational security measures to protect your personal data. Safeguards may include, but are not limited to, encryption protocols during data transmission, access control mechanisms, cybersecurity monitoring, secure backups, and staff training on data protection practices.
7. International Data Transfers
Your personal data may be transferred to and processed in countries outside your region, including to the United States, where privacy laws may not provide the same level of protection. Where such transfers occur, we ensure that adequate safeguards are in place, including the use of Standard Contractual Clauses approved by the European Commission or compliance frameworks recognized under applicable data protection laws.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including compliance with legal, accounting, or reporting obligations. Specific retention periods include:
– Usage and Technical Data: up to 24 months
– Account and Profile Data: retained for the duration of your account plus 2 years
– Transaction Data: retained for up to 7 years for tax and reporting purposes
– Communication Data: retained for 3 years after the last interaction
– Preference Data: retained until consent is withdrawn or for a period of 2 years, whichever comes first
9. Cookie Policy
Our website uses cookies and similar technologies to enhance user experience, understand website traffic, and provide personalized services. We categorize the cookies we use as follows:
– Essential Cookies: Required for basic website functionality, such as navigation and account access.
– Functional Cookies: Enable enhanced features and customization, such as saved preferences.
– Analytics Cookies: Help us understand how users interact with the site to improve functionality, using tools like Google Analytics.
– Performance Cookies: Measure performance of website infrastructure including loading speed and responsiveness during user sessions.
10. Cookie Management and Compliance
By visiting milkbarphoenix.com, you may be presented with a cookie consent tool allowing you to manage your preferences. You can change or withdraw your consent at any time via cookie settings or by adjusting browser configurations.
We comply with GDPR and CCPA cookie notice requirements by giving users clear, prior information about cookie use and obtaining opt-in consent where required.
11. Children’s Privacy
Our website and services are not intended for children under the age of 13. We do not knowingly collect or solicit personal data from individuals in this age group. If we become aware that we have inadvertently collected such information, we will take prompt steps to delete it. Parents or guardians who believe their child has submitted personal data should contact us at [email protected].
12. Policy Updates
We reserve the right to update this Privacy Policy at any time to reflect changes in legal obligations, technology, or our business operations. Where updates materially affect your rights or obligations, we will notify you through prominent means via our website or via direct communication where possible.
Continued use of milkbarphoenix.com after such updates constitutes your acceptance of the revised policy.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:
Milk Bar Phoenix
Email: [email protected]
We are committed to protecting your privacy and ensuring that your personal data is handled in a lawful, fair, and transparent manner. Please do not hesitate to reach out if you have any privacy-related concerns or wish to exercise your rights.