Privacy Policy of Needles & Pins Voyage
1. Introduction
At Needles & Pins Voyage, accessible at needlesandpinsvoyage.com, we are fully committed to safeguarding your personal data and ensuring your privacy is protected. We understand the importance of data protection and take our responsibilities seriously in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and all relevant privacy laws. This Privacy Policy outlines how we collect, use, protect, and share your personal information when you visit our website or interact with us.
2. Scope of This Policy and Role of Data Controller
This Privacy Policy applies to all users of our website, needlesandpinsvoyage.com, and to all data collected through your interaction with our services. For the purposes of the GDPR, Needles & Pins Voyage is the data controller, meaning we determine the purposes and means of processing your personal data.
If you have any questions about this policy or wish to exercise any of your data rights, you may reach out to us at [email protected].
3. Categories of Personal Data We Process
We may collect and process the following categories of personal data:
a) Usage Data
Information such as your IP address, browser type and version, pages visited, time spent on pages, clickstream data, and referring URLs. This data helps us understand how users interact with our website.
b) Account Data
Includes full name, home or business address, email address, telephone number, and any other information used to register or verify an account on our site.
c) Profile Data
Encompasses your preferences, prior purchases, browsing behavior, saved items, and any feedback or survey responses provided to us.
d) Communication Data
Comprises consumer inquiries, email exchanges, support requests, and chat correspondences sent through any channel available on our site or services.
e) Technical Data
Data from your device including hardware model, operating system, screen resolution, language settings, and configuration or diagnostic data.
f) Transaction Data
Includes order history, payment methods (processed securely via third-party providers), billing addresses, and delivery information.
g) Preference Data
Refers to your expressed marketing preferences, communication opt-in or opt-out status, and areas of interest relating to our products or accessories.
4. Legal Bases for Processing Personal Data
We process personal data only where there is a lawful basis under applicable data protection laws, including:
– Consent: When you provide clear permission for us to process your data for a specific purpose (e.g., subscribing to our newsletter).
– Contractual necessity: To fulfill contractual obligations such as processing and delivering an order.
– Legitimate interests: For operating and improving our services, marketing analysis, preventing fraud, or network and information security—provided those interests are not overridden by your rights.
– Legal obligation: To comply with applicable laws and lawful requests by public authorities.
5. Your Data Protection Rights
You have several rights under data protection legislation, which we fully respect:
– Right of Access – Obtain confirmation and a copy of personal data we hold about you.
– Right to Rectification – Request correction of inaccurate or incomplete data.
– Right to Erasure – Ask us to delete your data in certain circumstances (also known as ‘the right to be forgotten’).
– Right to Restrict Processing – Request that we limit how we use your data in certain scenarios.
– Right to Data Portability – Obtain and reuse your personal data across different services.
– Right to Object – Object to processing based on our legitimate interests, or to direct marketing.
To exercise these rights, contact us at [email protected]. We will respond to your request in accordance with applicable laws.
6. Security Measures
We employ appropriate technical and organizational measures to ensure your data is secure. These include:
– Data encryption during transmission and at rest.
– Secure access protocols, firewalls, and intrusion detection.
– Role-based access control and staff training in data protection principles.
– Regular backups to mitigate data loss events and ensure continuity.
While no system is entirely impenetrable, we strive to keep your information safe at all times.
7. International Data Transfers
Your personal data may be transmitted and processed outside your country of residence, including to countries that may not have equivalent data protection laws. Where such transfers occur, we implement adequate safeguards, such as:
– Standard contractual clauses approved by the European Commission.
– Binding corporate rules, where applicable.
– Additional technological and procedural safeguards.
8. Data Retention
Your data is retained only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or to comply with legal requirements. Specifically:
– Usage and technical data: up to 12 months.
– Account and profile data: as long as your account is active, and up to 6 years thereafter.
– Transaction data: retained for up to 7 years in line with accounting laws.
– Communication data: typically retained for 24 months.
– Preference data: until you withdraw consent or request deletion.
Upon expiration of the relevant retention period, we will safely delete or anonymize your data.
9. Cookie Policy
Needles & Pins Voyage uses cookies and similar tracking technologies to optimize your experience. Categories of cookies include:
– Essential Cookies – Enable core functionality such as security, shopping cart, and network management.
– Functional Cookies – Remember user preferences and settings.
– Analytics Cookies – Help us understand traffic patterns and site usage to improve performance.
– Performance/Advertising Cookies – Support advertising relevance and tracking campaign metrics.
None of these cookies will store personally identifiable information unless explicitly provided by you.
10. Cookie Management & Compliance
You can manage your cookie preferences through the cookie banner presented upon your first visit and via your browser settings at any time.
For GDPR compliance: visitors from the EU receive the option to consent to or reject cookies except for strictly necessary ones.
For CCPA compliance: California residents can opt out of the “sale” of personal information and request disclosure of data categories collected.
To review, withdraw or change your cookie consents, refer to your browser’s or device’s cookie settings and our Cookie Settings link on the website footer.
11. Children’s Privacy
We do not knowingly collect or solicit personal data from children under the age of 13. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately at [email protected]. We will promptly delete such information upon verification.
12. Policy Updates
We reserve the right to modify this Privacy Policy at any time. Any substantial updates to the way we process your personal data will be reflected on this page. Continued use of needlesandpinsvoyage.com constitutes acceptance of any changes. We encourage you to review this policy periodically to remain informed.
13. Contact Us
For any questions, requests, or concerns regarding this Privacy Policy, your rights, or our use of your personal data, please contact:
Needles & Pins Voyage
Email: [email protected]
We are committed to maintaining transparency and respecting your privacy in every aspect of our operation. If you believe your data has been misused or if you seek further clarification of our practices, please do not hesitate to reach out.